| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 0 B |
URL nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 728 B |
URL nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash766673734762331139b03f83676fa839 0a2f536fb34e03c83fe8628e48cfcb4b739b3b9b 4865c14b5fdad97081bcda1012bc213909c4ddff5c0bde34b63935ce3f64904a
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: us_session_id=P70754; expires=Sat, 20-Apr-2024 07:10:32 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 728
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:32 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:33 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 301 Moved Permanently | 4 B |
URL User Request GET HTTP/1.1nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonphimb.com FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
File typeASCII text, with no line terminators Hashf92965e2c8a7afb3c1b9a5c09a263636 e9b450d14bc2363d292c84f17cfad5cfbd58a458 11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 19 Apr 2024 07:10:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Location: https://nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
CertificateIssuerLet's Encrypt Subjectnguonphimb.com FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=3hnh5n1qkbu8rqemi03bnhsgi3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
CertificateIssuerLet's Encrypt Subjectnguonphimb.com FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=3hnh5n1qkbu8rqemi03bnhsgi3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 759 B |
URL nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hashe1ff019514b871766de7c38f25ad0240 20ca00747e46ead5561b42dd956773ecfc972323 8a6a3fcb2a8f4b1e06715dada28ff85152599cb663dc35f39e1997b001b16988
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 759
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Frick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:35 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:35 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonphimb.com FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: PHPSESSID=3hnh5n1qkbu8rqemi03bnhsgi3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonphimb.com FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=3hnh5n1qkbu8rqemi03bnhsgi3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 200 OK | 0 B |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 200 OK | 20 kB |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (339), with CRLF, LF line terminators Hash7d3a7f49f1b8fc9e76e73377a55230e7 6c27559596e74684b7c83da85205df36ae24ec4c ff1e6cdf515fa4de94be7e8190e5c6c4dcda48df1a603d1c86c249a077e35bd0
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19691
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/owl.carousel.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (635), with CRLF line terminators Hash8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/wow.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators Hashe1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/bootstrap.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators Hashe7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W | 142.250.74.168 | 200 OK | 97 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W IP142.250.74.168:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3969) Hashb8f6033b9ce060e4f63a1ff77a61a7a7 0e6cff65aaba67cac591477b93b9db87c1379a8d 1117e8cf0ba1856f8e7c7cb5a2117fcc298d0c6b30636a25a5043ab6813fba95
GET /gtag/js?id=G-DDD7EKFG6W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 07:10:36 GMT
expires: Fri, 19 Apr 2024 07:10:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.nice-select.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators Hashb37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.showmore.src.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (432) Hashf67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:36 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/logo/logo16012018.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/logo/logo16012018.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 124 x 40, 8-bit/color RGBA, interlaced Hasha9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /media/images/1/logo/logo16012018.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 15 Jan 2018 20:06:20 GMT
ETag: "2751-562d625d53c2f"
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:36 GMT
Connection: close
Content-Type: image/gif
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg | 94.242.50.163 | 200 OK | 57 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x459, components 3 Hash86095eec1a4477bfcd09c578e14e5b4f c976791323a4751d5af80ff1f0caab4dc28d9e28 73b9491892a70929bb3414b95ba66028c1ce76457ce5de1383b8d561b788d0be
GET /media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 01:25:24 GMT
ETag: "df11-5a7d8f3956c83"
Accept-Ranges: bytes
Content-Length: 57105
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg | 94.242.50.163 | 200 OK | 54 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x459, components 3 Hash3695e22872253d86f3a995f092e48333 0acbb1f8051969af3659f7ce844fe980c837edde 01c4cf086c243151be7984962a022da9863d5dbe6d5791eafc738c8316020c73
GET /media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:34:19 GMT
ETag: "d499-5a7d0b1b35115"
Accept-Ranges: bytes
Content-Length: 54425
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg | 94.242.50.163 | 200 OK | 37 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 260x346, components 3 Hashe48223af63f235dd2a158ab22c7349d2 596267f22ced567e94248b7053c8c0ffc394c821 da8817b2a440c6fba5f1734fc15aa0a3086b341c8b0e2c3f29372b96ae42f26a
GET /media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:58:11 GMT
ETag: "9199-5a7d10709d639"
Accept-Ranges: bytes
Content-Length: 37273
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg | 94.242.50.163 | 200 OK | 86 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 341x484, components 3 Hashf11a6d19c548d8992337e70a0ec6941b 686c46e7a13b4995bab3b83591b9091db911aefd bc207bbde663e202716e761b3a47bddb2825f47b4e3b641cc87e35a7b1215f2d
GET /media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 12 Mar 2023 15:49:04 GMT
ETag: "14ea1-5f6b5ef167fe7"
Accept-Ranges: bytes
Content-Length: 85665
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x399, components 3 Hashfd39dedf5b2358cab84b85bc2c0944f8 de447ffceb03032396b3dbd73deac576fee7b353 00ea40c1bb1254ace7fddbee209085d0361781b04b1a422ac062e6a3778a8e12
GET /media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 23 Jul 2023 15:44:35 GMT
ETag: "154ee-601295fee6732"
Accept-Ranges: bytes
Content-Length: 87278
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg | 94.242.50.163 | 200 OK | 123 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size123 kB (123276 bytes) Hashf1ab48b4270f7338cb230e8227b6d1cc 7ef7e5248fbf790770c7fdd6f8d1752b4f147f14 35decb96ae640459f22cd4b343c2f154f8335f3e5f27a45b43a482883730d070
GET /media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 21 Dec 2023 15:12:32 GMT
ETag: "1e18c-60d0687668c00"
Accept-Ranges: bytes
Content-Length: 123276
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:36 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg | 94.242.50.163 | 200 OK | 44 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 238x344, components 3 Hash38a7e921d074049812be6d7af6d0a027 5d1d7860658a7f9428c8ebbb441cc17876affef7 b5f8aca0da640aab08b6c045b8b7cbde4953d62b6f6a660534487db205ac1ab1
GET /media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 18 May 2023 19:00:09 GMT
ETag: "ac63-5fbfc69dab713"
Accept-Ranges: bytes
Content-Length: 44131
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash5e060cae43f33fc6ee9baa645c696f8e 9ac7805332b99d6e27afff6d96d47d72a0369fc8 ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0
GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg | 94.242.50.163 | 200 OK | 48 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x490, components 3 Hash8cc161140abbc224c164b98b84a0bcfc c87608439776923b6ebb50f9f82b26f94b2b28bd 0f9650612d5c6d384c88ad8bed442bc1c334f62b3dce609d3f00ac91859f5b71
GET /media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 28 Mar 2023 10:56:11 GMT
ETag: "b985-5f7f3b51d8959"
Accept-Ranges: bytes
Content-Length: 47493
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 4.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash9d3e8ebb9d90471220bc3b396b7fa512 4c1ea61cc8712b056e764177ce2730ec9e49258b 4b9a19828ae460cbc9d9a50e499d8717536f4679c75c058fad0dd946253161bb
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:36 GMT
date: Fri, 19 Apr 2024 07:10:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hashfabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg | 94.242.50.163 | 200 OK | 88 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x467, components 3 Hashd854ee570202c0a20513c8515999e735 50226555cdc007798b51e22f3b198557930de4f4 ea888fd8948fd830499aaff6ef39e42aefcaaf0c189d570b61c4f80c473224b0
GET /media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 05 Dec 2020 19:05:23 GMT
ETag: "1572e-5b5bc466c8043"
Accept-Ranges: bytes
Content-Length: 87854
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size102 kB (102471 bytes) Hashf3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hashb4ea7d2042faeb1c1294d16d94ec6377 059eb1a557034466c98945201d8f54324effb6c9 79a2bc0860b38c732cbcd2f657223ef5450216e167b9b5915acfc65b6196f474
GET /media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 08 Sep 2022 07:59:12 GMT
ETag: "ca46-5e825ce0e2a91"
Accept-Ranges: bytes
Content-Length: 51782
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 78 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash66064b52ea5661ea8477a2a8f52a989b 1f8e46f8cf1f639520938b817b2ef199ed753224 6223efb7f9db1b5d67e9c9f9b76561032125c7b7a81b4bb33cae6a45f6ef6bbb
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:36 GMT
date: Fri, 19 Apr 2024 07:10:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg | 94.242.50.163 | 200 OK | 48 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x473, components 3 Hashcb3fbf418ea71947562c04fbf4dad917 61bba40f8b2a56a1dff5a29127f44f1c74564f84 10c0511f12483ec0a5b9f4e3e8dd5515d7db5f2f704062b916a8e9b730ff700d
GET /media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 16 Jul 2021 16:20:51 GMT
ETag: "bcba-5c73ff8a0728c"
Accept-Ranges: bytes
Content-Length: 48314
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3 Hashcdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg | 94.242.50.163 | 200 OK | 49 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hashbd6854032f49622f944950cf8f64b81a f2ffb0742aa14d6a78c6c4d831e830ebb127e083 932afa4d57ce13099c013bee9aca512165ad7a3dbc6aba59f8740cf1b8d88b31
GET /media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 02 Sep 2021 19:00:12 GMT
ETag: "c0fa-5cb07cae6365b"
Accept-Ranges: bytes
Content-Length: 49402
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3 Hash7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x404, components 3 Hashfb7b29decbefcaadc327c27642192d47 ae21da46514ea38bf78550e7cdbdf6135a6d607c ff3f7bb6f026720257413c5c7cf35b95c80321ad46465d8d272bf5f4f93fb3b0
GET /media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 01:29:29 GMT
ETag: "ae06-5a7d90224ca62"
Accept-Ranges: bytes
Content-Length: 44550
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 216.58.207.227 | 200 OK | 128 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 06:44:19 GMT
expires: Sun, 13 Apr 2025 06:44:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 519978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 216.58.207.227 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:10:17 GMT
expires: Fri, 18 Apr 2025 03:10:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 100820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 08:34:01 GMT
expires: Fri, 18 Apr 2025 08:34:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
age: 81396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:26:46 GMT
expires: Wed, 16 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 258231
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 225779
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102937
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 17 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash3f9163f54c15a173bcae38aeec0cf04c 9d10486146805786d9adeff59bdd1919050ba954 92988339d7d7e6155138a3917f9ec8ffa3791423cd4d33d6d78e958061818ce9
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:36 GMT
date: Fri, 19 Apr 2024 07:10:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 5.9 kB |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash41dc397a314a354e376607ed499bed86 56ad057914108f06d937cc0ef0708d51f27a5d44 5b441e955976fee6ffb12ec6a2df8eb1b597b99713fd704d9a77066a4180c461
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:36 GMT
date: Fri, 19 Apr 2024 07:10:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 216.58.207.227 | 200 OK | 5.6 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5560, version 1.0 Hashca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:32 GMT
expires: Fri, 18 Apr 2025 02:45:32 GMT
cache-control: public, max-age=31536000
age: 102305
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 192.243.59.13 | 200 OK | 16 kB |
URL GET HTTP/1.1chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP192.243.59.13:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (44044), with no line terminators Hashddc06a599ddf3dc86f7f886f4fce0a27 2f22865ae3e5cd69b51d5e67fb227312db53fe79 42124a778a2afce004de8b71622d8a5b2f66c62f9bc2792c00ba5c959d98692c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 07:10:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b031473cc3093916715e109e3306b0d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1downstairsnegotiatebarren.com/sfp.js IP188.114.97.1:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:37 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Apr 2024 08:10:37 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jVS%2BxBjmWgShr2zqXgXWZDPUH3ZZ52FJaZ8uV%2BYIjygIyYBVO8uImIJdL%2FHcPBcxajot6qw2vjlLO6gwSUNZfXU%2FnSOZJEmieq1EuDjV56QrDN3kPX%2Bwh%2Fs%2B9pAWizF3I%2FBIUq7pWLWTyvOZmycwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876b136cabb5569a-OSL
alt-svc: h2=":443"; ma=60
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102937
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102937
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:26:46 GMT
expires: Wed, 16 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 258231
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.148.107 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.148.107:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashdf450d745f6f952b5460eee83f5251be 33e99492e65e226c875b1f2313d1305781ce2d45 600cd667c9991bc43506c8bd9708c6acb305b89b6ba5fc1b5932bb832eb9545e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonphimc.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=12976255-2f73-4696-a07c-b1d2d3c83ccc:2:1; expires=Mon, 17 Apr 2034 07:10:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 216.58.207.227 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:10:17 GMT
expires: Fri, 18 Apr 2025 03:10:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 100820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:37 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonphimc.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 110
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:37 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:37 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL POST HTTP/1.1nguonphimc.com/site/chatbot/refresh/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 102454
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 216.58.207.227 | 200 OK | 5.2 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5224, version 1.0 Hasha835084624425dacc5e188c6973c1594 1bef196929bffcabdc834c0deefda104eb7a3318 0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:34:04 GMT
expires: Fri, 18 Apr 2025 17:34:04 GMT
cache-control: public, max-age=31536000
age: 48993
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11936, version 1.0 Hash15d8ede0a816bc7a9838207747c6620c f6e2e75f1277c66e282553ae6a22661e51f472b8 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:57:06 GMT
expires: Fri, 18 Apr 2025 02:57:06 GMT
cache-control: public, max-age=31536000
age: 101611
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.2 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5164, version 1.0 Hashe1d4c2969a3dd92f91fea51f652831ef ff3be3617b93fca22d758f43920abfa313337bc2 570d2dc2ce988d8ae09147ee2eca5ec53f8d5f036e84e3212bf03503374054e5
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:40:00 GMT
expires: Fri, 18 Apr 2025 17:40:00 GMT
cache-control: public, max-age=31536000
age: 48637
last-modified: Mon, 16 Oct 2017 17:33:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15436, version 1.0 Hash037d830416495def72b7881024c14b7b 619389190b3cafafb5db94113990350acc8a0278 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 08:34:02 GMT
expires: Fri, 18 Apr 2025 08:34:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
age: 81395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 | 216.58.207.227 | 200 OK | 163 kB |
URL GET HTTP/3fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 162924, version 1.0 Size163 kB (162924 bytes) Hash7f2e1b48b71ec58fda4539018a2f56cc 507bf81f52fa8c99bf2c5c8bd59a981899ca9995 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
GET /s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:39:07 GMT
expires: Wed, 16 Apr 2025 08:39:07 GMT
cache-control: public, max-age=31536000
age: 253890
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:25:07 GMT
expires: Fri, 18 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 49530
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp | 142.250.74.35 | 200 OK | 56 kB |
URL GET HTTP/2www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2331) Hash65e864be75ee444565658d67774b0c54 7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773 db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 55653
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 15:17:07 GMT
expires: Fri, 18 Apr 2025 15:17:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:34:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 57210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.3 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5284, version 1.0 Hash6bef514048228359f2f8f5e0235f8599 318cb182661d72332dc8a8316d2e6df0332756c4 135d563a494b1f8e6196278b7f597258a563f1438f5953c6fbef106070f66ec8
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:21 GMT
expires: Fri, 18 Apr 2025 02:37:21 GMT
cache-control: public, max-age=31536000
age: 102796
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:38 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1424) Hash124ba95b2ec12aff22f988c42b14d353 e506202fff14601dba2b44d807b1319968bb3216 50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 15156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf | 142.250.74.35 | 200 OK | 9.3 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1226) Hash0df69be878f840c3ece59615858c5009 65d903b30ab94d986ae198622811f39576d4da4c b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 9278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 200 OK | 508 B |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
Hashcb838949b19f5e1e6c0148dfa7e6dcf2 ba5ebed62b530209a496a0b8e3abbdc6b658e91e 048c2862b48420d46e1f0aed142b0cb9564c6507b80b6ef8161dacf496a19870
POST /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; dom3ic8zudi28v8lr6fgphwffqoz0j6c=12976255-2f73-4696-a07c-b1d2d3c83ccc%3A2%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 508
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash419033f4f0383492c93db1e6b5e7fa23 96584fdfb4d58c70fb1db6dfc128db296e5cf4e0 c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
GET /fundingchoices/allowads/blockers/firefox/ab_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 15403
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 100274
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png | 142.250.74.35 | 200 OK | 7.4 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash3d77be4b727c5ff097bcac7eb68c09f9 785be4dc822e6817dbc03b69246cd089436bf108 b77a4547e701c49192847e60735a7027f0910a0df2ccf6d6193dcf1e4a74f719
GET /fundingchoices/allowads/blockers/firefox/browser_abp-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7390
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:55:20 GMT
expires: Tue, 15 Apr 2025 21:55:20 GMT
cache-control: public, max-age=31536000
age: 292518
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg | 142.250.74.35 | 200 OK | 731 B |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashc663022865c526afe63691faf0d14725 f1e821f6920fc1b9db40ccf35ed0f6fb54ea8592 56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
GET /fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:59:27 GMT
expires: Wed, 16 Apr 2025 09:59:27 GMT
cache-control: public, max-age=31536000
age: 249071
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/s/whitelist?hl=vi | 142.250.74.46 | 200 OK | 21 kB |
URL GET HTTP/2fundingchoicesmessages.google.com/s/whitelist?hl=vi IP142.250.74.46:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typegzip compressed data, max compression Hash9698b451461d3c31052de3005f674fc3 9e996d65df6bcc88364895ba516be563c5038d97 a54806f5587ba5dd1bc64674b82dc8342d61523988449494a69327b564f13069
GET /s/whitelist?hl=vi HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 07:10:37 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport, script-src 'nonce-FVNHl9F7fEYsi4Frw4_6Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorServingAdwallUi/web-reports?context=eJzjMtDikmJw0JBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_87z1oKxEI8HG83dmxkE3jQMfc2EwDQqhly"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png | 142.250.74.35 | 200 OK | 7.7 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash13a0bd1dcfc87f4f19579dc5b059af16 82aa8a7312d5023667edc1565962ddfdfb99a678 818af03e73fcb8964cc644383aa9a2ca4db0b1d8634fbdc9216d8a1d460aab6c
GET /fundingchoices/allowads/blockers/firefox/browser_ab-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:31:55 GMT
expires: Tue, 15 Apr 2025 20:31:55 GMT
cache-control: public, max-age=31536000
age: 297523
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg | 142.250.74.35 | 200 OK | 1.3 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash9d378dcff1b89001c348f1df4564ba48 d81c2c163657754563fcd33b793dc36cd6b3a21e f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
GET /fundingchoices/allowads/blockers/firefox/uo_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 48502
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg | 142.250.74.35 | 200 OK | 1.5 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash606c949e5f626ea9a5a1a1a346209c59 f7700e18535dbb3108d50acbcd6f4f18a533843b bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
GET /fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:37 GMT
expires: Fri, 18 Apr 2025 17:33:37 GMT
cache-control: public, max-age=31536000
age: 49021
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png | 142.250.74.35 | 200 OK | 1.1 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 117 x 127, 8-bit colormap, non-interlaced Hash975c9f127c385e3699795a74098872d8 a83d8ebdda4fc135a66de267850c9f573a52b9fe 5caf71572cd2c4167c04a6ecef78d7b407e460b0517c9b11df5cc0c0b9a0d320
GET /fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:24 GMT
expires: Fri, 18 Apr 2025 17:28:24 GMT
cache-control: public, max-age=31536000
age: 49334
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png | 142.250.74.35 | 200 OK | 7.2 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash2ca4823b87ee46e5d7a641195cfde652 1d0b4aceb1b0276cbdffaa84facd66b5fe41c714 3d74f9a6b34a1f9936cf3fdcf33ec06f48b602a7202396dcc3aef424a54e5413
GET /fundingchoices/allowads/blockers/firefox/browser_uo-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 48502
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.34 | 200 OK | 51 kB |
URL GET HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.34:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net FingerprintED:0D:E8:DC:2E:0E:7D:5F:CB:BE:43:7B:C7:CB:BF:BC:B7:E5:FC:1E ValidityMon, 04 Mar 2024 06:35:32 GMT - Mon, 27 May 2024 06:35:31 GMT
File typeJavaScript source, ASCII text, with very long lines (3920) Hash4720ded07a78c128f320a86d6478981e 66d273b59eca700eea4c473e761051eb062fffd5 9464a1f76eade7616c470eead03c02a844b98a189ada24e6ec3029c28f458502
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 19 Apr 2024 07:10:38 GMT
expires: Fri, 19 Apr 2024 07:10:38 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4670249259006158160
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk | 142.250.74.35 | 200 OK | 3.5 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (763) Hashab1564f0dc81e3cdd5ded3cc022d6364 821fe2a008e172df73c12e0a3d2eb6da3c4cb717 872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 3490
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c | 142.250.74.35 | 200 OK | 13 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1600) Hashab199b9dc5faf341e688a4c9196b0874 fdf2ccb808e05f2789ced334d3d18e13ec59d71c 454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 12692
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd | 142.250.74.35 | 200 OK | 12 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2968) Hashf5c7fc324e43f85696f2873b1fe2a8d4 7d90bee3a4626a8766fad6ba57e8a065b9c5d19f 5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 11750
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw | 94.242.50.163 | 200 OK | 5.1 kB |
URL GET HTTP/1.1grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hashe1d9f7b264a228905b4ac3ba293811af 98ba7e9b5cb1355f47af5c43f65930acb57c042f c5dfa37f44e5d9d9b50fef25daea150126285b72aa43f3429cf8dcabc603da10
GET /embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=58nst721duthperttvvkd1sse4; path=/
us_session_id=P70774; expires=Sat, 20-Apr-2024 07:10:38 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5061
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:38 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:38 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:38 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:38 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| grab.nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1grab.nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:38 GMT
Connection: close
Content-Type: image/gif
|
|
| ssl.p.jwpcdn.com/player/v/8.24.0/jwplayer.core.controls.html5.js | 151.101.194.114 | 200 OK | 94 kB |
URL GET HTTP/1.1ssl.p.jwpcdn.com/player/v/8.24.0/jwplayer.core.controls.html5.js IP151.101.194.114:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65135) Hashe2ac36ede4d0b25455f3d5b9a51e718b 98eef89297a28352ab5b5d9814c8977ff805f713 a34f8bc84784c968be9b5dd5de4dda1f18166bc096866c51c792f8ddada9fad3
GET /player/v/8.24.0/jwplayer.core.controls.html5.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 93881
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 15 Dec 2021 01:03:59 GMT
ETag: "e2ac36ede4d0b25455f3d5b9a51e718b"
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:38 GMT
Via: 1.1 varnish
Age: 893785
X-Served-By: cache-hel1410034-HEL
X-Cache: HIT
X-Cache-Hits: 62
X-Timer: S1713510639.595957,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| greecewizards.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc%3A2%3A1 | 192.243.61.225 | 200 OK | 7.7 kB |
URL GET HTTP/1.1greecewizards.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc%3A2%3A1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectgreecewizards.com Fingerprint0F:9A:82:72:48:5D:30:04:9C:76:2B:10:11:2D:9D:13:CB:F0:C7:97 ValidityTue, 16 Apr 2024 10:14:50 GMT - Mon, 15 Jul 2024 10:14:49 GMT
Hash0ba391481532bdc26fa288119ccbcf70 253abc35331e09c62082ba54d497220d61fc2151 cd63b75dc50a99919c0674993d441eb2d97b759851e9db68aec92e10ce140828
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc%3A2%3A1 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonphimc.com
Access-Control-Allow-Origin: http://nguonphimc.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 20 Apr 2024 07:10:38 GMT; secure; SameSite=None
uid_id2=12976255-2f73-4696-a07c-b1d2d3c83ccc:2:1; expires=Fri, 26 Apr 2024 07:10:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 20 Apr 2024 07:10:38 GMT; secure; SameSite=None
uncs=1; expires=Sat, 20 Apr 2024 07:10:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 20 Apr 2024 07:10:38 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 20 Apr 2024 07:10:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ce3e6c47e84292689487f76afaf4c0b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ssl.p.jwpcdn.com/player/v/8.24.0/jwpsrv.js | 151.101.194.114 | 200 OK | 20 kB |
URL GET HTTP/1.1ssl.p.jwpcdn.com/player/v/8.24.0/jwpsrv.js IP151.101.194.114:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash1a96e7c0d0040b922d2458e3bc2cfe7f 2088da30a0d3ff7fa3d619f6bfd0661f236494dc e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
GET /player/v/8.24.0/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 19890
Cache-Control: max-age=900, immutable
Last-Modified: Tue, 12 Dec 2023 21:44:08 GMT
ETag: "1a96e7c0d0040b922d2458e3bc2cfe7f"
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:38 GMT
Via: 1.1 varnish
Age: 819
X-Served-By: cache-hel1410024-HEL
X-Cache: HIT
X-Cache-Hits: 139
X-Timer: S1713510639.622111,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 78 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashfec61307c7814b015d494dc5d986ece6 12967a0675752aa5751e50b79c597fccb80a2ceb be1e808b36a0e5ee666af92685c83c87cb1a4fadff1ed80ee503f95599412d85
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:38 GMT
date: Fri, 19 Apr 2024 07:10:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 35 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hash1d1c6cbd238e3f8516dd94b72fded1f2 3d8095872109acdfd33356080316ddf5af4be720 ac2c22bf7497f970129c755eec44ae93e3205f00e45066ca6b4a4eb310481894
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:38 GMT
date: Fri, 19 Apr 2024 07:10:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/img/player-logo.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1grab.nguonphimc.com/img/player-logo.png IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typePNG image data, 124 x 40, 8-bit/color RGBA, interlaced Hasha9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /img/player-logo.png HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:38 GMT
Connection: close
Content-Type: image/png
|
|
| entitlements.jwplayer.com/GCCG.json | 152.199.22.243 | 400 Bad Request | 71 B |
URL GET HTTP/1.1entitlements.jwplayer.com/GCCG.json IP152.199.22.243:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Hash5534f424f1d6586164a58758f3e2c51a ef37ca3d8831aaad699430dcaa9967469542d602 f28df38bea81995fd78f9077bff2dfc9d60ee13b8c414bc426c61c0e1b0bee86
GET /GCCG.json HTTP/1.1
Host: entitlements.jwplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://grab.nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 400 Bad Request
Accept-Ranges: bytes
access-control-allow-origin: *
Age: 4853
cache-control: max-age=1800, s-maxage=17040
Content-Type: application/json
Date: Fri, 19 Apr 2024 07:10:38 GMT
Last-Modified: Fri, 19 Apr 2024 05:49:45 GMT
Server: ECAcc (ska/F77E)
X-Cache: 400-HIT
Content-Length: 71
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 951 B |
URL GET HTTP/3fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashe327f58c9c4231b946d8e3e6c14b9220 931ef615b45e7dedfc284d2ad50f55da9d1f07b6 da9b057bcdaf5af10cab0ddeba0164a9795f7cac02b438c2bc155ddfdb48f0fc
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:38 GMT
date: Fri, 19 Apr 2024 07:10:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| greecewizards.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuunuztgw%2BUHIQgDMFDBHe2f8x0z5hDcI0ri2s2JBG9SXVVz2y51V1NVdf07J4WA5Lj4F%2FQ%2B8xuFk2Q5CoYdDbgYUHIeNqDe%2FHuQSFHkR4HR99Dve9bz1vwvM9TXxzaC%2BLD0vObH6p9ISVd67Tc5rVPPO96c0tkdtQcdcNPw%2Fb1ph6%2B3Qtb7pvN9xO2q9Z813Ndz%2FWaG0InfTVaq0GI%2FHHPa%2FXcVttveZ02Rvq%2FvbEODHXAhxfkVQg%2BW3nuXIZgU2Tpk5uJ2S1U%2FtZ7qZW0UBpDfvJRtpupMkO6LPvaQT87WUxDmRcbz6Cy4zldqOE%2Fg7GYEefHZ4izkwVJxMOjOc9YIskQ8%2F%2BhHE6RyCkEnYKp%2BxD8BQEYx61tZOnDW0qXdO9vlNbojKy8%2FAOinJGVXy4jS79Zl2LUvKukLYTKDEb9CmI0hRhMkdtTFPsNiPIUrPgcgv9E1l5uIUuPto1UEPz8Dc%2FvRaHf6az6%2FShYbYe9cJW6EVuNPe7zgHUDxthcICGmEP0pZDIGNQ1Y48AKB7bvwOYOUn7eZJ7nRS5n1O32GAt4lMQhdz0a9T3quWEXltU7jFHkYzA5BtMHyPUBdsUY2n4Ps1PBcAemIBjyCmVCUBqCkhKUgqAsCMphdcyl8U31kEtjY2%2BR%2FUUOqokqBof0WBWDJCOgegzNq8P8grxSC%2BiszP7EbnLe7MR%2BN46DIOhG7a7XjWLfC8OO2%2BWJz3thHMCICsI0QI2D%2FdrMH9aR1%2FnqDcT0FEaeggkH1L4OWlagOxX2s0fZwKqsGLaYSsFVhbxYQbHnHMoLcmXu4Ob2EyTs7MavwTzAdIVcV%2FhMPCcYyAeTO6okR3dUacjT7bwQqdintbt3C1okl77%2BINkrleabN834q3dYDdTl43uJKbZoxkU2MOTRuuA80RtKs4R8t2k%2BTuLb1uysW53ZfOv2uxubaa4TY4TKpqD1Tr9rMDEj%2F79yb%2F5xr327DaGn0LZCas%2FIIiDUFCw%2FgMmX%2FI0i0HI5E%2BcOSltNtB8vL6UgkMmyp3EF868%2BXtYTTevXVFSH5gEGugFa3EeWVhjqCkNZgcoxjL00KXJ9duPnBY1YNiax1I2jWGr55Vzm%2BngKI86bURC4NOx1vCiiSRS3%2FW4%2F9Dilfjv0w5AGKMysf%2FW13%2F4CAAD%2F%2FwEAAP%2F%2FXR0g%2BZIEAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1greecewizards.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuunuztgw%2BUHIQgDMFDBHe2f8x0z5hDcI0ri2s2JBG9SXVVz2y51V1NVdf07J4WA5Lj4F%2FQ%2B8xuFk2Q5CoYdDbgYUHIeNqDe%2FHuQSFHkR4HR99Dve9bz1vwvM9TXxzaC%2BLD0vObH6p9ISVd67Tc5rVPPO96c0tkdtQcdcNPw%2Fb1ph6%2B3Qtb7pvN9xO2q9Z813Ndz%2FWaG0InfTVaq0GI%2FHHPa%2FXcVttveZ02Rvq%2FvbEODHXAhxfkVQg%2BW3nuXIZgU2Tpk5uJ2S1U%2FtZ7qZW0UBpDfvJRtpupMkO6LPvaQT87WUxDmRcbz6Cy4zldqOE%2Fg7GYEefHZ4izkwVJxMOjOc9YIskQ8%2F%2BhHE6RyCkEnYKp%2BxD8BQEYx61tZOnDW0qXdO9vlNbojKy8%2FAOinJGVXy4jS79Zl2LUvKukLYTKDEb9CmI0hRhMkdtTFPsNiPIUrPgcgv9E1l5uIUuPto1UEPz8Dc%2FvRaHf6az6%2FShYbYe9cJW6EVuNPe7zgHUDxthcICGmEP0pZDIGNQ1Y48AKB7bvwOYOUn7eZJ7nRS5n1O32GAt4lMQhdz0a9T3quWEXltU7jFHkYzA5BtMHyPUBdsUY2n4Ps1PBcAemIBjyCmVCUBqCkhKUgqAsCMphdcyl8U31kEtjY2%2BR%2FUUOqokqBof0WBWDJCOgegzNq8P8grxSC%2BiszP7EbnLe7MR%2BN46DIOhG7a7XjWLfC8OO2%2BWJz3thHMCICsI0QI2D%2FdrMH9aR1%2FnqDcT0FEaeggkH1L4OWlagOxX2s0fZwKqsGLaYSsFVhbxYQbHnHMoLcmXu4Ob2EyTs7MavwTzAdIVcV%2FhMPCcYyAeTO6okR3dUacjT7bwQqdintbt3C1okl77%2BINkrleabN834q3dYDdTl43uJKbZoxkU2MOTRuuA80RtKs4R8t2k%2BTuLb1uysW53ZfOv2uxubaa4TY4TKpqD1Tr9rMDEj%2F79yb%2F5xr327DaGn0LZCas%2FIIiDUFCw%2FgMmX%2FI0i0HI5E%2BcOSltNtB8vL6UgkMmyp3EF868%2BXtYTTevXVFSH5gEGugFa3EeWVhjqCkNZgcoxjL00KXJ9duPnBY1YNiax1I2jWGr55Vzm%2BngKI86bURC4NOx1vCiiSRS3%2FW4%2F9Dilfjv0w5AGKMysf%2FW13%2F4CAAD%2F%2FwEAAP%2F%2FXR0g%2BZIEAAA%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectgreecewizards.com Fingerprint0F:9A:82:72:48:5D:30:04:9C:76:2B:10:11:2D:9D:13:CB:F0:C7:97 ValidityTue, 16 Apr 2024 10:14:50 GMT - Mon, 15 Jul 2024 10:14:49 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuunuztgw%2BUHIQgDMFDBHe2f8x0z5hDcI0ri2s2JBG9SXVVz2y51V1NVdf07J4WA5Lj4F%2FQ%2B8xuFk2Q5CoYdDbgYUHIeNqDe%2FHuQSFHkR4HR99Dve9bz1vwvM9TXxzaC%2BLD0vObH6p9ISVd67Tc5rVPPO96c0tkdtQcdcNPw%2Fb1ph6%2B3Qtb7pvN9xO2q9Z813Ndz%2FWaG0InfTVaq0GI%2FHHPa%2FXcVttveZ02Rvq%2FvbEODHXAhxfkVQg%2BW3nuXIZgU2Tpk5uJ2S1U%2FtZ7qZW0UBpDfvJRtpupMkO6LPvaQT87WUxDmRcbz6Cy4zldqOE%2Fg7GYEefHZ4izkwVJxMOjOc9YIskQ8%2F%2BhHE6RyCkEnYKp%2BxD8BQEYx61tZOnDW0qXdO9vlNbojKy8%2FAOinJGVXy4jS79Zl2LUvKukLYTKDEb9CmI0hRhMkdtTFPsNiPIUrPgcgv9E1l5uIUuPto1UEPz8Dc%2FvRaHf6az6%2FShYbYe9cJW6EVuNPe7zgHUDxthcICGmEP0pZDIGNQ1Y48AKB7bvwOYOUn7eZJ7nRS5n1O32GAt4lMQhdz0a9T3quWEXltU7jFHkYzA5BtMHyPUBdsUY2n4Ps1PBcAemIBjyCmVCUBqCkhKUgqAsCMphdcyl8U31kEtjY2%2BR%2FUUOqokqBof0WBWDJCOgegzNq8P8grxSC%2BiszP7EbnLe7MR%2BN46DIOhG7a7XjWLfC8OO2%2BWJz3thHMCICsI0QI2D%2FdrMH9aR1%2FnqDcT0FEaeggkH1L4OWlagOxX2s0fZwKqsGLaYSsFVhbxYQbHnHMoLcmXu4Ob2EyTs7MavwTzAdIVcV%2FhMPCcYyAeTO6okR3dUacjT7bwQqdintbt3C1okl77%2BINkrleabN834q3dYDdTl43uJKbZoxkU2MOTRuuA80RtKs4R8t2k%2BTuLb1uysW53ZfOv2uxubaa4TY4TKpqD1Tr9rMDEj%2F79yb%2F5xr327DaGn0LZCas%2FIIiDUFCw%2FgMmX%2FI0i0HI5E%2BcOSltNtB8vL6UgkMmyp3EF868%2BXtYTTevXVFSH5gEGugFa3EeWVhjqCkNZgcoxjL00KXJ9duPnBY1YNiax1I2jWGr55Vzm%2BngKI86bURC4NOx1vCiiSRS3%2FW4%2F9Dilfjv0w5AGKMysf%2FW13%2F4CAAD%2F%2FwEAAP%2F%2FXR0g%2BZIEAAA%3D HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=12976255-2f73-4696-a07c-b1d2d3c83ccc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62a67391fb1815d75458e5f8da131929
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 188.114.97.1 | 200 OK | 6.0 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced Hashc489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5590643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VWROFqy21dz0oJQFtLH4JUazYMM52Ra7Af9aEn0f4si5qzTRItD2GPgJXqjRxeIIffzjRg0yGTAJE0kzR6JWa0WMqjojhKC4REEttyTjcxgkI8ZoRfSL8ZNIgwAyKiEHJ28dmnH4vpK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b137788a45690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 1.4 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html IP45.133.44.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typeHTML document, ASCII text Hashf7bb5840db6dc487bc0a969e2242f0ed 76419b20f55f5f7dd4cb01bc4aed891b10059b78 c345e1b9825f92110554154eba98444eb92d5b625c6894debd5bdbd3db21e281
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 19 Apr 2024 08:10:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=126 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=126 IP192.243.61.225:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=126 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.10 | 200 OK | 14 kB |
URL GET HTTP/2cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sun, 21 Apr 2024 07:10:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=218 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=218 IP192.243.61.225:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=218 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=356 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=356 IP192.243.61.225:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=356 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 IP192.243.59.13:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=12976255-2f73-4696-a07c-b1d2d3c83ccc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 07:10:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1c564d2e2662f6482c60d1d8b9114f2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=304 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1greecewizards.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=304 IP192.243.61.225:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=304 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 17:40:11 GMT
Expires: Fri, 18 Apr 2025 17:40:11 GMT
Cache-Control: public, max-age=31536000
Age: 48629
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| greecewizards.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuztBz9QchCCMAQPEdzZ%2FphPcwiucWVxzYYkojepr56UW93VVHVPT%2FYUDEiOg39B7zObLJogyVUw6GzAw4KQ8bQH9%2BLdg0KOIj0Ojr6Het%2B3nrfgeZ%2BnvjgozkiIgp5e%2FdDsK63pRqflNy99EgSXmzsqLcbNcb%2F7abd9uWlHbw%2B6Lf%2FN5vuS75mN0A98P%2FCD5payMjbjjRqEyh4PgtbAb7XDVtBpY2z%2F27vCg6MexOiMvAol5mvPvfNQfIY0eXJVur3cZG%2B9lxSa5sZiJI4%2BSvdSU6ZIVmVsPcTp0XIaxr3YegaTPljQhRn9M8jUnHg%2FPgNLj5YkwUaHC55MQ6Zg4n8oRzNIPYOiM3BzD0q8IAAXuLaLNHl4zdiS3vkbpTU6J2sv%2F4Aq52Ttl%2FNIk282tRo3bxpd5MqkDuO4ghrPoIYzZMUx8v0GVHkMnn8OJX4iGy93kCaHu04bKHH6RhAOet2w01kP41603u4OuuvU7%2FF1FohQRLwfcc4XAik1g4pn0HIC6hoonIdCeShiD0XmIRGnTR4EQc8XnPr9AeeR6EnWFX5Ae3FAA7%2FbR8HrHSbIswm4noDbu8jsXeypCWzxPdztCk54cDnBSFQoJUHpCEpKUCqCMicoR9UDoV3oqodCu4IFyxwuc1RNTT48oA9MPpQpAbUTWFEdZGfklVpAb23%2BJ%2FbkabPDwj5jURT1e%2B1%2B0O%2BxMOh2O35fyFAMuiyCUxWUa4A6D%2Fu1mT9sIqvzxStg9BhOH4MrD7R4HbSsQG9X2E8fpcPCpPmoxU0CYSpk%2BRryO96BPiMXFg5u7z6B5CdXfo0WAW4rZLbCZ%2Bo5wVDfn94wJTm8YUpHnu5muUrUPq3dvZnTXJ77%2BgN5pzRWbF91k6%2Fe4TVQl49vSZfv0FSodOjIo00lhLRbxnJJvtt2H0t2vXC3NwubFtnO9Xe3tpPMSueUSWeg9U6%2FW3A1J%2F%2B%2FcGvxcS99uwtlZ7BFhaQ4IcuAMjPw7C5ctuLvDIHVqxmWeSiLampDtrrUikDLVU9ZBfevnq3qqaX1a6qqA3cfQ9sAze8hTSqMbIWRrkD1BK44N80ze3Ll5yUNphtTpm3jkGmrv1zIXB9P4dRpM%2FJFj8lY9phsd9qx5IJ1OsznMWeR6Pc5cjePL772218AAAD%2F%2FwEAAP%2F%2F3cn1EZIEAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1greecewizards.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuztBz9QchCCMAQPEdzZ%2FphPcwiucWVxzYYkojepr56UW93VVHVPT%2FYUDEiOg39B7zObLJogyVUw6GzAw4KQ8bQH9%2BLdg0KOIj0Ojr6Het%2B3nrfgeZ%2BnvjgozkiIgp5e%2FdDsK63pRqflNy99EgSXmzsqLcbNcb%2F7abd9uWlHbw%2B6Lf%2FN5vuS75mN0A98P%2FCD5payMjbjjRqEyh4PgtbAb7XDVtBpY2z%2F27vCg6MexOiMvAol5mvPvfNQfIY0eXJVur3cZG%2B9lxSa5sZiJI4%2BSvdSU6ZIVmVsPcTp0XIaxr3YegaTPljQhRn9M8jUnHg%2FPgNLj5YkwUaHC55MQ6Zg4n8oRzNIPYOiM3BzD0q8IAAXuLaLNHl4zdiS3vkbpTU6J2sv%2F4Aq52Ttl%2FNIk282tRo3bxpd5MqkDuO4ghrPoIYzZMUx8v0GVHkMnn8OJX4iGy93kCaHu04bKHH6RhAOet2w01kP41603u4OuuvU7%2FF1FohQRLwfcc4XAik1g4pn0HIC6hoonIdCeShiD0XmIRGnTR4EQc8XnPr9AeeR6EnWFX5Ae3FAA7%2FbR8HrHSbIswm4noDbu8jsXeypCWzxPdztCk54cDnBSFQoJUHpCEpKUCqCMicoR9UDoV3oqodCu4IFyxwuc1RNTT48oA9MPpQpAbUTWFEdZGfklVpAb23%2BJ%2FbkabPDwj5jURT1e%2B1%2B0O%2BxMOh2O35fyFAMuiyCUxWUa4A6D%2Fu1mT9sIqvzxStg9BhOH4MrD7R4HbSsQG9X2E8fpcPCpPmoxU0CYSpk%2BRryO96BPiMXFg5u7z6B5CdXfo0WAW4rZLbCZ%2Bo5wVDfn94wJTm8YUpHnu5muUrUPq3dvZnTXJ77%2BgN5pzRWbF91k6%2Fe4TVQl49vSZfv0FSodOjIo00lhLRbxnJJvtt2H0t2vXC3NwubFtnO9Xe3tpPMSueUSWeg9U6%2FW3A1J%2F%2B%2FcGvxcS99uwtlZ7BFhaQ4IcuAMjPw7C5ctuLvDIHVqxmWeSiLampDtrrUikDLVU9ZBfevnq3qqaX1a6qqA3cfQ9sAze8hTSqMbIWRrkD1BK44N80ze3Ll5yUNphtTpm3jkGmrv1zIXB9P4dRpM%2FJFj8lY9phsd9qx5IJ1OsznMWeR6Pc5cjePL772218AAAD%2F%2FwEAAP%2F%2F3cn1EZIEAAA%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectgreecewizards.com Fingerprint0F:9A:82:72:48:5D:30:04:9C:76:2B:10:11:2D:9D:13:CB:F0:C7:97 ValidityTue, 16 Apr 2024 10:14:50 GMT - Mon, 15 Jul 2024 10:14:49 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuztBz9QchCCMAQPEdzZ%2FphPcwiucWVxzYYkojepr56UW93VVHVPT%2FYUDEiOg39B7zObLJogyVUw6GzAw4KQ8bQH9%2BLdg0KOIj0Ojr6Het%2B3nrfgeZ%2BnvjgozkiIgp5e%2FdDsK63pRqflNy99EgSXmzsqLcbNcb%2F7abd9uWlHbw%2B6Lf%2FN5vuS75mN0A98P%2FCD5payMjbjjRqEyh4PgtbAb7XDVtBpY2z%2F27vCg6MexOiMvAol5mvPvfNQfIY0eXJVur3cZG%2B9lxSa5sZiJI4%2BSvdSU6ZIVmVsPcTp0XIaxr3YegaTPljQhRn9M8jUnHg%2FPgNLj5YkwUaHC55MQ6Zg4n8oRzNIPYOiM3BzD0q8IAAXuLaLNHl4zdiS3vkbpTU6J2sv%2F4Aq52Ttl%2FNIk282tRo3bxpd5MqkDuO4ghrPoIYzZMUx8v0GVHkMnn8OJX4iGy93kCaHu04bKHH6RhAOet2w01kP41603u4OuuvU7%2FF1FohQRLwfcc4XAik1g4pn0HIC6hoonIdCeShiD0XmIRGnTR4EQc8XnPr9AeeR6EnWFX5Ae3FAA7%2FbR8HrHSbIswm4noDbu8jsXeypCWzxPdztCk54cDnBSFQoJUHpCEpKUCqCMicoR9UDoV3oqodCu4IFyxwuc1RNTT48oA9MPpQpAbUTWFEdZGfklVpAb23%2BJ%2FbkabPDwj5jURT1e%2B1%2B0O%2BxMOh2O35fyFAMuiyCUxWUa4A6D%2Fu1mT9sIqvzxStg9BhOH4MrD7R4HbSsQG9X2E8fpcPCpPmoxU0CYSpk%2BRryO96BPiMXFg5u7z6B5CdXfo0WAW4rZLbCZ%2Bo5wVDfn94wJTm8YUpHnu5muUrUPq3dvZnTXJ77%2BgN5pzRWbF91k6%2Fe4TVQl49vSZfv0FSodOjIo00lhLRbxnJJvtt2H0t2vXC3NwubFtnO9Xe3tpPMSueUSWeg9U6%2FW3A1J%2F%2B%2FcGvxcS99uwtlZ7BFhaQ4IcuAMjPw7C5ctuLvDIHVqxmWeSiLampDtrrUikDLVU9ZBfevnq3qqaX1a6qqA3cfQ9sAze8hTSqMbIWRrkD1BK44N80ze3Ll5yUNphtTpm3jkGmrv1zIXB9P4dRpM%2FJFj8lY9phsd9qx5IJ1OsznMWeR6Pc5cjePL772218AAAD%2F%2FwEAAP%2F%2F3cn1EZIEAAA%3D HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=12976255-2f73-4696-a07c-b1d2d3c83ccc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af1975004343524c52643b1ed0cafdf5
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 02:43:51 GMT
Expires: Fri, 18 Apr 2025 02:43:51 GMT
Cache-Control: public, max-age=31536000
Age: 102409
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
|
|
| greecewizards.com/pixel/sbs?c=1 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1greecewizards.com/pixel/sbs?c=1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectgreecewizards.com Fingerprint0F:9A:82:72:48:5D:30:04:9C:76:2B:10:11:2D:9D:13:CB:F0:C7:97 ValidityTue, 16 Apr 2024 10:14:50 GMT - Mon, 15 Jul 2024 10:14:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: greecewizards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=12976255-2f73-4696-a07c-b1d2d3c83ccc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 188.114.97.1 | 200 OK | 10 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash4f5f05ab032dd8fc0db448fcf51a35e2 78f94f93fdb792d95ea3ac293ac1b8e3bc13d609 7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4H7mJkPyJAsJQqEv3mLu49%2ByOXsYyAcyyo6RHbKUxpyMu8319ZQVmyfliTKZgFXkZn52Qptn9s%2FbqXPC2RhrPQw3nEWIY6wE6RQvHtKEKqAqb%2FRgggyT9n715GUIRaKu62IJIp%2BXjas%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b1378696e5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html | 94.242.50.163 | 200 OK | 282 B |
URL POST HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hash7757bc22412460d19abacd615def1281 7fe3481164c4ba50016c4d0bd2427655b5266502 007e4fd3c1cc61b635f9d59eee7e4b93a550c72a6ace03e76ad89cabf051ecd3
POST /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 87
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; dom3ic8zudi28v8lr6fgphwffqoz0j6c=12976255-2f73-4696-a07c-b1d2d3c83ccc%3A2%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 282
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70754&tim=1713510648&key=rlatn6GZVW5qbWVnaGVpbGhsX1auqZmmkp2dWG5ksA | 94.242.50.163 | | 5.1 kB |
URL GET grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70754&tim=1713510648&key=rlatn6GZVW5qbWVnaGVpbGhsX1auqZmmkp2dWG5ksA IP94.242.50.163:0
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash6908fc6350d540a2dcbf3b23c8b0823d fa0775f738d79abaf3b7a113e0175eee68124fa6 cbfdd60afa0a6f594c1aef5cfa5ac6c2147881c676bfa34c336df5b56c711476
GET /embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70754&tim=1713510648&key=rlatn6GZVW5qbWVnaGVpbGhsX1auqZmmkp2dWG5ksA HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5058
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg | 142.250.74.35 | 200 OK | 4.2 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash61c52a7c357ff9c0bd2866eaff7bc159 9f043cef2635c50aa41e83418ef890298a8e7d77 474da759080ee5faa1db2e19ce52d444fa7f82f2480402e9c57f6f235a8b0414
GET /fundingchoices/allowads/blockers/firefox/abp_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 100274
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 188.114.97.1 | 200 OK | 4.6 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (4886), with no line terminators Hash1230b98f01a549572edcd2bf3bdcb4ad ac87a2a752ffb8b5167566183fddd531d7971be9 9a2954fc66ebbb9adf18c2ea4403d2a0a5dedf2928f9905e1fc656f5dc1b208d
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dmmM3uAj4mUuN2jZ%2BHhUKJ5hgEb49H%2B2Ft4RluOyFcQQ7H8mqtreSqdVW2kS1HEAaF5TYvjCYY4hJJrTrbNXYvRidrtXYedLzwbySFB0boBf84TTwNpy%2BbWHEDG4aoarRmv5W6LpvLu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b1376dffc5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637; PHPSESSID=58nst721duthperttvvkd1sse4; us_session_id=P70774
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 07:10:38 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| ssl.p.jwpcdn.com/player/plugins/vast/v/8.10.0/vast.js | 0.0.0.0 | | 0 B |
URL GET ssl.p.jwpcdn.com/player/plugins/vast/v/8.10.0/vast.js IP0.0.0.0:0
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70754&tim=1713510638&key=rVatn6GZVG5qbWVnZ2VpbGdsXlauqZmmkZ2dWG5krw
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/plugins/vast/v/8.10.0/vast.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 31611
Cache-Control: max-age=31536000, immutable
Last-Modified: Thu, 02 Dec 2021 18:13:12 GMT
ETag: "88bdba98e65bc6103f4f8d3324cb4830"
Content-Type: text/plain
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:38 GMT
Via: 1.1 varnish
Age: 895366
X-Served-By: cache-hel1410034-HEL
X-Cache: HIT
X-Cache-Hits: 2356
X-Timer: S1713510639.623284,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL GET HTTP/1.1fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeASCII text, with very long lines (7172), with no line terminators Hashf6441a8715a3262bd8b948695cb21ec1 d780f0f2a15fa247d5775bf257fd91fba03acd69 e6ab9e206388bcd17bb40c29f0ca96a2e0c77288aab3d3c3c1d4db118dec1e89
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 19 Apr 2024 07:10:39 GMT
Date: Fri, 19 Apr 2024 07:10:39 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 188.114.97.1 | 200 OK | 79 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hashfc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6o7O9RZe3WlETHCNsqghuBNeiySg5iJ3tVXLZAIPyWJwi6M5mA6Hko2%2BdYZfaok7oexFAiRkqP4nYqa6egXZpHO1Z5ch8MTP5DSrtrpkTyeRzO7BY283V35yMdHl5vg0npBC%2Byh5KqcC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b1376dfff5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:39 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4321295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKHhHX1fRau2n%2Fx1W6V4lkLDrkFZhLOMpf9L6PhEwijS7xa5hfbXRRl646ZPSe%2BP53tPDq8xnGBciO3KuVhWDBP3jDxJP%2BK9hdvu6sD0DeL8LfPLemG1DMoYONVFFK4%2F5%2FebzAm1XAFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b137798a65690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/icon-search-menu.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hashe573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:37 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2h494u748ia8p9m3ksi5bk66q0; us_session_id=P70754; _ga_DDD7EKFG6W=GS1.1.1713510636.1.0.1713510636.0.0.0; _ga=GA1.1.867157867.1713510637
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 07:10:37 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:52 GMT
expires: Fri, 18 Apr 2025 17:33:52 GMT
cache-control: public, max-age=31536000
age: 49005
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|