phimno4.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://phimno4.xyz/phim/bup-be-ma-am-1019/
Submission: On September 16 via api (September 16th 2023, 1:40:53 pm UTC) from US — Scanned from NL

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 60 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is phimno4.xyz.
TLS certificate: Issued by GTS CA 1P5 on July 29th 2023. Valid for: 3 months.

This is the only time phimno4.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
25	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:b984	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
60	12

15 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

phimno4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:b984 (United States)

ASN13335 (CLOUDFLARENET, US)

images.phimno1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	wp.com i1.wp.com — Cisco Umbrella Rank: 9592	1 MB
15	phimno4.xyz phimno4.xyz	246 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	2 KB
3	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 14639	70 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 9099	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	394 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2	660 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
2	phimno1.com images.phimno1.com	165 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	134 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	90 KB
60	11

	Domain	Requested by
25	i1.wp.com	phimno4.xyz
15	phimno4.xyz	phimno4.xyz
3	www.facebook.com	phimno4.xyz connect.facebook.net
3	2.bp.blogspot.com	phimno4.xyz
2	www.google.nl	phimno4.xyz
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	images.phimno1.com	phimno4.xyz
2	www.googletagmanager.com	phimno4.xyz www.googletagmanager.com
2	connect.facebook.net	phimno4.xyz connect.facebook.net
1	www.google.com	phimno4.xyz
1	region1.analytics.google.com	www.googletagmanager.com
60	12

This site contains links to these domains. Also see Links.

Domain
bit.ly
t.me
fb.com
www.youtube.com
www.i9bet127.com

Subject Issuer	Validity	Valid
phimno4.xyz GTS CA 1P5	`2023-07-29` - `2023-10-27`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-25` - `2023-09-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
phimno1.com GTS CA 1P5	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://phimno4.xyz/phim/bup-be-ma-am-1019/
Frame ID: 5EBE043CF9A7E84AA8BC3D74AD2953D5
Requests: 58 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/like.php?action=like&app_id=2081071355509818&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246d4343aaf94%26domain%3Dphimno4.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimno4.xyz%252Ff39237d814ad9dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fphimno1.com%2Fphim%2Fbup-be-ma-am-1019%2F&layout=button_count&locale=vi_VN&sdk=joey&share=true&show_faces=false
Frame ID: DEDECEF9AC8198B96CAAB8CC8B305DED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/comments.php?app_id=2081071355509818&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df36c3380b704%26domain%3Dphimno4.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimno4.xyz%252Ff39237d814ad9dc%26relation%3Dparent.parent&color_scheme=light&container_width=711&height=100&href=https%3A%2F%2Fphimno1.com%2Fphim%2Fbup-be-ma-am-1019%2F&locale=vi_VN&numposts=10&sdk=joey&version=v16.0&width=
Frame ID: 0AE240551C320CF7C4F1AC1BC53A738B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phim Búp Bê Ma Ám - Annabelle (2014) Full HD-Vietsub

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

1771 kB
Transfer

2642 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.ly/phimno1dotcom
Title: PhimNo4.XYZ

Search URL Search Domain Scan URL

URL: https://t.me/phimno1
Title: Telegram

Search URL Search Domain Scan URL

URL: https://fb.com/phimno1dotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://t.me/contact_phimno1
Title: @contact_phimno1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=A-AaXjUS1I4
Title: Trailer

Search URL Search Domain Scan URL

URL: https://www.i9bet127.com/Register?a=22766

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
phimno4.xyz/phim/bup-be-ma-am-1019/ 55 KB
12 KB 154ms
70ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c3387011e68ef986f9d3d686556deb7dc8a8771a6007bb74c349889a379886

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 807985fc5fc80a68-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Sep 2023 13:40:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elhCiIZ8CmEWXdsKRMT%2FGMDCU1skt16QjHhOPJ2WVrvKaoeK1ZVAKJwm8p2b7hk4es5DjUqU7H6nyzvBRChuDDVrjuq8xL%2Ff3N%2F3TYmSq5EwY1BaqsBG39GgTNBEMtJPUZF60X7vi%2Fwkzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
vary: Accept-Encoding
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always

GET
H2 200 all.css
phimno4.xyz/statics/defaultv2/css/ 212 KB
39 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12d014d5591e64e206b1ef94c73544cd158412c203c2a224e63a664673de5ec

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68200
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 19:53:46 GMT
server: cloudflare
etag: W/"64c962ca-34f7d"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjUasRSHz0NYNZDi8%2F1XKvP%2BepN5QaZlAP8%2BQIvFpO9i9U5HQjJPOQ4R5rm%2BAcLG%2FAIXveFD8RYAg9RHCnSNOeB4rhglQAUWztgvsajDAXv00ceNDHNjNtuS5G47opIoLkT%2FqFg11WqpAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fcd88d0a68-AMS
expires: Sat, 14 Sep 2024 18:44:08 GMT

GET
H2 200 mobile-detect.min.js Show response
phimno4.xyz/statics/js/ 39 KB
17 KB 37ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/js/mobile-detect.min.js?v=06092022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aaaf41e7fbaca1be0bfc9e35cb4bda7c2340ef786b65f802b4d6bab476e7661

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68200
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 27 Aug 2022 01:33:23 GMT
server: cloudflare
etag: W/"63097463-9aa1"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VorBJBMGGe8DtlmkNz7wMOv4YnoKoL9Nvyz5iNPileb30uFCtIzKMlBHn0pwMm52szZ3ycE9aZ2FgCwYXGGY1Zrn7NS2u7fSNGspnTG8gxDp20d7nDlSyH0FwjNjJE8ZHngfwRgGqVilXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fcd8910a68-AMS
expires: Sat, 14 Sep 2024 18:44:08 GMT

GET
H2 200 /
2.bp.blogspot.com/-Hi6zgN9-NXc/WZ_q5HxhpYI/AAAAAAAANUY/z9Do-lM1_NkY7VoTg3Tbt9dN4daBbTAfgCHMYCw/w300/ 21 KB
21 KB 219ms
74ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Hi6zgN9-NXc/WZ_q5HxhpYI/AAAAAAAANUY/z9Do-lM1_NkY7VoTg3Tbt9dN4daBbTAfgCHMYCw/w300/

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a1067650fee4342ef3c9ca655d0c52610bfce16ad5cf24476f81bde080c9c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v3548"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="annabelle_2014.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21135
x-xss-protection: 0
expires: Sun, 17 Sep 2023 13:40:48 GMT

GET
H2 200 Annabelle-2-Creation.md.jpg
i1.wp.com/images.phimno1.com/images/2020/05/30/ 16 KB
16 KB 137ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/05/30/Annabelle-2-Creation.md.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6555b37ddd4350012fb94131dd40325b8ff497be1f11ba4f0ad210154a12efb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 14:21:25 GMT
server: nginx
etag: "8db49efb79d073ac"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/05/30/Annabelle-2-Creation.md.jpg>; rel="canonical"
content-length: 16364
expires: Sun, 14 Sep 2025 02:21:25 GMT

GET
H2 200 oPvHdcF.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 120 KB
120 KB 136ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/oPvHdcF.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d8fe81871ed7b575a8f1a88e6dd780d1fdf076bd9c3f61a094f72edff41f9cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 14:21:25 GMT
server: nginx
etag: "c82ce8f840fe866a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/oPvHdcF.jpg>; rel="canonical"
content-length: 122998
expires: Sun, 14 Sep 2025 02:21:25 GMT

GET
H2 200 /
2.bp.blogspot.com/-LkqOpUAWhGY/WZ_vss_sr0I/AAAAAAAANU4/QNmGe42yLeY5RK5fxZPLtsgEwcAQmhySACHMYCw/w300/ 44 KB
44 KB 374ms
230ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-LkqOpUAWhGY/WZ_vss_sr0I/AAAAAAAANU4/QNmGe42yLeY5RK5fxZPLtsgEwcAQmhySACHMYCw/w300/

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a7ad0057b1a749754f2d4cd380a8201ac79cf8a9a634a4b922c8c62222279598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v354f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="baby_blues_2013.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44714
x-xss-protection: 0
expires: Sun, 17 Sep 2023 13:40:49 GMT

GET
H2 200 eLY8IXF.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 122 KB
122 KB 137ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/eLY8IXF.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

29305244406aac0253a89ddaa7b420996e1b3a4314f2bee86d2756350a9827d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 14:21:25 GMT
server: nginx
etag: "29d945259093629a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/eLY8IXF.jpg>; rel="canonical"
content-length: 124480
expires: Sun, 14 Sep 2025 02:21:25 GMT

GET
H2 200 SRSlKyT.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 133 KB
133 KB 136ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/SRSlKyT.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

71cb3720f66649a4812e0c262c268211e0d523f457345f2377cc9edfa81f7b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 14:21:25 GMT
server: nginx
etag: "0aa0eace684f8a73"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/SRSlKyT.jpg>; rel="canonical"
content-length: 136356
expires: Sun, 14 Sep 2025 02:21:25 GMT

GET
H2 200 pjXojFk.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 110 KB
110 KB 137ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/pjXojFk.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

54f4150f93e7c420f10a4cafaf03b7ac708e1900a4a1ba93bd1d7f05b285a864

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 14:21:25 GMT
server: nginx
etag: "76caaa5f0ce8bd3c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/pjXojFk.jpg>; rel="canonical"
content-length: 112132
expires: Sun, 14 Sep 2025 02:21:25 GMT

GET
H2 200 p30jBrN.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 139 KB
139 KB 136ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/p30jBrN.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b09c80aed30672c9911df61932640c42f8291c411ec025a48226632669fc040f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 13:25:31 GMT
server: nginx
etag: "6bf56f19782a0e65"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/p30jBrN.jpg>; rel="canonical"
content-length: 141952
expires: Fri, 12 Sep 2025 01:25:31 GMT

GET
H2 200 SX02t8x.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 57 KB
58 KB 117ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/SX02t8x.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c471552917ba6d1b2e2024182cd2cdb4ec51ef6f181e36435d87b6b94de9f593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 10:21:30 GMT
server: nginx
etag: "0f9348c1273b599a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/SX02t8x.jpg>; rel="canonical"
content-length: 58872
expires: Sun, 06 Jul 2025 22:21:30 GMT

GET
H2 200 Wt070nL.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 98 KB
99 KB 117ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/Wt070nL.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f391fdb498aa562bd062320146bbb59f5dd94057c6ff760b0aea70eb12846ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 18:04:57 GMT
server: nginx
etag: "bd42a91dac77a548"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/Wt070nL.jpg>; rel="canonical"
content-length: 100838
expires: Sun, 07 Sep 2025 06:04:57 GMT

GET
H2 200 Nymphomaniac-1-2013.th.jpg
i1.wp.com/images.phimno1.com/images/ 8 KB
8 KB 117ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/Nymphomaniac-1-2013.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6f843cbf415f301aca87129216573ef1728bb8a7a51822c60ce367e7cfe2cbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Sep 2023 18:51:14 GMT
server: nginx
etag: "111503748b600ff6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/Nymphomaniac-1-2013.th.jpg>; rel="canonical"
content-length: 8476
expires: Wed, 10 Sep 2025 06:51:14 GMT

GET
H2 200 Pacific-Rim.th.jpg
i1.wp.com/images.phimno1.com/images/ 12 KB
13 KB 118ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/Pacific-Rim.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

dbb55bf37335101ff791506000073b5a406fad04b1e1db82aaf14b94a0c518e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 21:23:19 GMT
server: nginx
etag: "7cc99cfc25653c4c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/Pacific-Rim.th.jpg>; rel="canonical"
content-length: 12718
expires: Sun, 03 Aug 2025 09:23:19 GMT

GET
H2 200 A3KK1sc.jpg
i1.wp.com/images.phimno1.com/imgur/m/ 93 KB
93 KB 75ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/imgur/m/A3KK1sc.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

415019919b7a230513fbb989fbb561211afc747bfb70750133781a517a7cbc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 18:37:59 GMT
server: nginx
etag: "824e432540f57813"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/imgur/m/A3KK1sc.jpg>; rel="canonical"
content-length: 94846
expires: Mon, 09 Jun 2025 06:37:59 GMT

GET
H2 200 /
2.bp.blogspot.com/-Hi6zgN9-NXc/WZ_q5HxhpYI/AAAAAAAANUY/z9Do-lM1_NkY7VoTg3Tbt9dN4daBbTAfgCHMYCw/w120/ 5 KB
5 KB 204ms
60ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Hi6zgN9-NXc/WZ_q5HxhpYI/AAAAAAAANUY/z9Do-lM1_NkY7VoTg3Tbt9dN4daBbTAfgCHMYCw/w120/

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f74a0677ed826d49cf1e75e46ac51e973854812165885105d49437877bd148b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:10:34 GMT
x-content-type-options: nosniff
age: 1814
content-disposition: inline;filename="annabelle_2014.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5281
x-xss-protection: 0
server: fife
etag: "v3548"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Sep 2023 13:10:34 GMT

GET
H2 200 Intimacy-2001.th.jpg
i1.wp.com/images.phimno1.com/images/ 7 KB
7 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/Intimacy-2001.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

147bf0be00f6e00c3d3fec213e3aa8810c188c83ee047ed7e69c319f932bd2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Sep 2023 19:27:36 GMT
server: nginx
etag: "4f0da2d952eefd7d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/Intimacy-2001.th.jpg>; rel="canonical"
content-length: 7028
expires: Wed, 10 Sep 2025 07:27:36 GMT

GET
H2 200 American-Beauty-1999-poster.th.jpg
i1.wp.com/images.phimno1.com/images/2020/07/17/ 4 KB
5 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/07/17/American-Beauty-1999-poster.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

de4627c08de65f6580f8134ae3775abbf6037e6926dfec30e5eb38a4912d1248

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 03:12:36 GMT
server: nginx
etag: "249d3a5e8ca9468d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/07/17/American-Beauty-1999-poster.th.jpg>; rel="canonical"
content-length: 4512
expires: Mon, 08 Sep 2025 15:12:36 GMT

GET
H2 200 a91e2ab6d4d97076e3f17d6892d420b8.th.jpg
i1.wp.com/images.phimno1.com/images/2023/05/27/ 5 KB
5 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2023/05/27/a91e2ab6d4d97076e3f17d6892d420b8.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f175f6cd5202ea3826738ecff6dc8460ee91a4d6782187e5495bd036476e809a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 17:38:04 GMT
server: nginx
etag: "221b250b2abee06a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2023/05/27/a91e2ab6d4d97076e3f17d6892d420b8.th.jpg>; rel="canonical"
content-length: 5156
expires: Fri, 12 Sep 2025 05:38:04 GMT

GET
H2 200 Kung-Fu-Panda-2008.th.jpg
i1.wp.com/images.phimno1.com/images/2020/08/28/ 10 KB
10 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/08/28/Kung-Fu-Panda-2008.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d4773e3bfe889c03b40e1618672a6d89e893196b76da6cb67192a0724fe13635

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Aug 2023 20:21:36 GMT
server: nginx
etag: "0bcb710db043abea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/08/28/Kung-Fu-Panda-2008.th.jpg>; rel="canonical"
content-length: 10376
expires: Wed, 06 Aug 2025 08:21:36 GMT

GET
H2 200 Under-the-Dome-Season-1.th.jpg
i1.wp.com/images.phimno1.com/images/2020/10/31/ 6 KB
6 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/10/31/Under-the-Dome-Season-1.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

14a17b534124f562c96a01ce2bec1ca4400865161f652413bec6af4c43747379

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 10:21:30 GMT
server: nginx
etag: "4879ca2588cd66f3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/10/31/Under-the-Dome-Season-1.th.jpg>; rel="canonical"
content-length: 5950
expires: Sun, 06 Jul 2025 22:21:30 GMT

GET
H2 200 Under-the-Dome-Season-2.th.jpg
i1.wp.com/images.phimno1.com/images/2020/10/31/ 10 KB
10 KB 69ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/10/31/Under-the-Dome-Season-2.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e54035ed420ee95e6bdc3edfefbda04a4c4e3d7ce582eed9a68f558e0765a1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Aug 2023 12:17:36 GMT
server: nginx
etag: "3df77d8306cac250"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/10/31/Under-the-Dome-Season-2.th.jpg>; rel="canonical"
content-length: 9908
expires: Fri, 01 Aug 2025 00:17:36 GMT

GET
H2 200 The-Strain-Season-1.th.jpg
i1.wp.com/images.phimno1.com/images/2020/10/03/ 7 KB
7 KB 69ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/10/03/The-Strain-Season-1.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

51323c630f88d636e140e0d4fcabf40f3f29d9ec4d7e1b51c904d2cf3022dcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Aug 2023 10:54:53 GMT
server: nginx
etag: "04eb9ce4427a07fc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/10/03/The-Strain-Season-1.th.jpg>; rel="canonical"
content-length: 7196
expires: Sun, 10 Aug 2025 22:54:53 GMT

GET
H2 200 Shameless-Season-1-2011.th.jpg
i1.wp.com/images.phimno1.com/images/2020/07/07/ 14 KB
14 KB 70ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/07/07/Shameless-Season-1-2011.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6a6188a4f4c3d2e2f9a49c4ddbaf0288c085489a0c132a97a768804448ebc076

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 16:05:49 GMT
server: nginx
etag: "1d9c0d9232e171df"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/07/07/Shameless-Season-1-2011.th.jpg>; rel="canonical"
content-length: 14390
expires: Thu, 09 Jan 2025 04:05:49 GMT

GET
H2 200 2-Broke-Girls-Season-4.th.jpg
i1.wp.com/images.phimno1.com/images/2020/08/01/ 13 KB
13 KB 71ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/08/01/2-Broke-Girls-Season-4.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2143be13db4ec89b6faead6af9fc235ee8bd0cd3da7355de233c5b5e1d17ba5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 13 Aug 2023 17:41:11 GMT
server: nginx
etag: "7693ff9e2cf2fa57"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/08/01/2-Broke-Girls-Season-4.th.jpg>; rel="canonical"
content-length: 13354
expires: Wed, 13 Aug 2025 05:41:11 GMT

GET
H2 200 Lost-Season-3.th.jpg
i1.wp.com/images.phimno1.com/images/2020/09/21/ 14 KB
15 KB 70ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/09/21/Lost-Season-3.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a364f95380cf14f8f9cca8b4a9c754be4ad98750704e38dd824032f42d06bbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Jun 2023 12:58:28 GMT
server: nginx
etag: "66379f8e86dafd78"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/09/21/Lost-Season-3.th.jpg>; rel="canonical"
content-length: 14832
expires: Thu, 19 Jun 2025 00:58:28 GMT

GET
H2 200 Shameless-Season-5-2015.th.jpg
i1.wp.com/images.phimno1.com/images/2021/01/05/ 11 KB
12 KB 70ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2021/01/05/Shameless-Season-5-2015.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

cad67e59d915ccf27655f757e7bd32909a27096c21fd634a0da8c1a47a45b94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 07:31:18 GMT
server: nginx
etag: "a1a6acc541a9d131"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2021/01/05/Shameless-Season-5-2015.th.jpg>; rel="canonical"
content-length: 11492
expires: Wed, 23 Jul 2025 19:31:18 GMT

GET
H2 200 Narcos-Season-1.th.jpg
i1.wp.com/images.phimno1.com/images/2020/10/07/ 12 KB
12 KB 70ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/10/07/Narcos-Season-1.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

bc8096cbf8356fa1ed70762c309c9bf881dc13778f1d8f1780804c6509a93c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Sep 2023 18:51:14 GMT
server: nginx
etag: "13613543d9c4f48e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/10/07/Narcos-Season-1.th.jpg>; rel="canonical"
content-length: 12234
expires: Wed, 10 Sep 2025 06:51:14 GMT

GET
H2 200 American-Horror-Story-Season-1-Murder-House-2011.th.jpg
i1.wp.com/images.phimno1.com/images/2021/01/05/ 5 KB
5 KB 70ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2021/01/05/American-Horror-Story-Season-1-Murder-House-2011.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9f2dba7f0212d8f53803a52e5c2a71eb3d0b11362f748986e817c2f1d47c1e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Aug 2023 11:16:12 GMT
server: nginx
etag: "29fca45f707f235b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2021/01/05/American-Horror-Story-Season-1-Murder-House-2011.th.jpg>; rel="canonical"
content-length: 5326
expires: Mon, 18 Aug 2025 23:16:12 GMT

GET
H2 200 Lost-Girl-Season-2.th.jpg
i1.wp.com/images.phimno1.com/images/2020/08/06/ 10 KB
10 KB 71ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/images.phimno1.com/images/2020/08/06/Lost-Girl-Season-2.th.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3f07cdbe53759814f6e8ff063604a4b4990c73c4cb1e17c5bffda1b1dbb9b747

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 16 Sep 2023 13:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Sep 2023 20:04:04 GMT
server: nginx
etag: "be80866c71070fe2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://images.phimno1.com/images/2020/08/06/Lost-Girl-Season-2.th.jpg>; rel="canonical"
content-length: 10264
expires: Wed, 10 Sep 2025 08:04:04 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
phimno4.xyz/statics/js/ 88 KB
32 KB 40ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/js/jquery-3.6.1.min.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45977
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: cloudflare
etag: W/"63090485-15e40"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJUwWwlB78YpL8RSa%2FmbC5WKRqo8QWlmdkc4CWV9Nrg72Hceg1iUJMC9SwELjWoOTP01t1m%2BOkVAvWyZmyDV2k9PGWCBL4Ekd%2FnoONddQ3GgfafNBaPRzQmh9DPJKYRyJ435OLhjqE82uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd18ef0a68-AMS
expires: Sun, 15 Sep 2024 00:54:31 GMT

GET
H2 200 jquery.bootstrap-growl.min.js Show response
phimno4.xyz/statics/defaultv2/js/ 1 KB
975 B 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/jquery.bootstrap-growl.min.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7870b22e307ce15510ed21f1151ece0842e2c2394503a3e0a4847478f322c24a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68200
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-4eb"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0bvDWwhRDfu6acrvICBLAE%2F4l4uG4Beyim2WbXn5Q1wu9md2YDq4PPbIgI6GfEThPIPkBq82jJtIRA0QlCoZ4TGTCoXTBRd5rtv92xRXnK2hKLJe%2B%2FfpAh1%2FwkZa4qlKeK1xPM5GCGMkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd18f80a68-AMS
expires: Sat, 14 Sep 2024 18:44:08 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
phimno4.xyz/statics/defaultv2/js/ 21 KB
8 KB 40ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/jquery.magnific-popup.min.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab7725780dc0bd1bf9517d99c5c3610ebe9393f67d750f045631880fe253c4c9

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2082
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-5216"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHIWUhhbCc9tvhWIpfGNZ1seB6x1uXqE1FEpDcEMTtm5i6upJ%2FsF45jzGQOOasydWHRWBVBaHvBikHChV5j2DDT7Tm1H%2FsPy7Fx1uw9pfCv9vMPYBG8YfeER6tyKg5ouN%2FCjQO8qHzjtuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bc01ca7-AMS
expires: Sun, 15 Sep 2024 13:06:06 GMT

GET
H3 200 owl.carousel.min.js Show response
phimno4.xyz/statics/defaultv2/js/ 23 KB
7 KB 67ms
62ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/owl.carousel.min.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

652eff6b13594ead1619a52f2889c535e61f3aeb713395cbfcb067d9df23b8b9

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2081
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-5d24"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FhpNRvoWQpQhJZJI%2FyJlfopka8wNkHxVRsz%2FUSLmmQPyPQZSoVVmTAyaXoJAYb0xFOh0rwk3ZsrqKD58CM4L8%2BJd167%2BufxHfga4o9r3%2FcWptif6joHXTXANNns%2B5eJDC%2FpO0LBCTAPHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bcd1ca7-AMS
expires: Sun, 15 Sep 2024 13:06:07 GMT

GET
H3 200 pl.notie.js Show response
phimno4.xyz/statics/defaultv2/js/ 27 KB
5 KB 68ms
62ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/pl.notie.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa3631462b8b1bc8347420039389d257bb2c9c26a1ae50a4869aba126da6662

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2081
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-6ba5"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xZL6XLyNu%2B4CS5P6JSZYqg7ryTnWEYnDIlEBYJD9%2BolMJk74i9PSe7cmgiCNI2%2Bo20WiSRt%2BAshd4AJk9lXsnVyQWJoAhJW3XbtyiSVluS5XAxn1PVFFZnDYVD15c0Uuhis0HujRKe%2FsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bd11ca7-AMS
expires: Sun, 15 Sep 2024 13:06:07 GMT

GET
H3 200 jquery.cookie.js Show response
phimno4.xyz/statics/defaultv2/js/ 993 B
1 KB 68ms
63ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/jquery.cookie.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463b99dfb3fa81d269f7508768da9f4ca229416b1b8e68177a30d0291868f945

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2081
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-3e1"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMg1L5GJrOW4R%2FeDT617tnz8fYIuvLVXgEhNUT%2Bmeurd2f0ZRM2hJBHvlTvzt0%2BJT7PqS8pHc9W9kXM76p6oX6RPLaukvNutMMLCljkwsCYStLSYedJjCCz%2F8wOQcFtJ3Bu%2FLIAZcn8xFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bd51ca7-AMS
expires: Sun, 15 Sep 2024 13:06:07 GMT

GET
H3 200 pl.public.js Show response
phimno4.xyz/statics/defaultv2/js/ 10 KB
4 KB 41ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/pl.public.js?v=18072022

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f941b50707e3b9bc12e778edeb76123a058bb49efdd71f046154936abf0da847

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2080
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-265d"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B6GNdFRKFuhxEXDRe9EGv9TdnORO%2B4isXsucUXXRda%2FOfzNGJzFpXCrZgPEvhDMOr0ImODZLFLbpGXbvlwaEwt4LI7v8VuHvCwiQGKyxiOlypwWmlH%2BtIvVsoxM7vjIiHXRG6na%2Fkis3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bd71ca7-AMS
expires: Sun, 15 Sep 2024 13:06:08 GMT

GET
H3 200 pl.subscribe.js Show response
phimno4.xyz/statics/defaultv2/js/ 3 KB
2 KB 40ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/pl.subscribe.js

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5986190471aacb279b743cfe475e3706283b444ecd8e58eac4cab7b47794f7af

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590478
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-c8d"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKbT%2BtwKZSljtP0lfGV3CslvY0AHDMHKKii3agLq9RKRGGJ5xNkJR%2F39fjMh%2BySAfd%2FDHFVmqYNqPiE%2BV%2FZiULj3yn3EjP0OjouA22d650fP4nd4aNuouKtu6Re4q7JBdzIi2LGe%2BCqtfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bd91ca7-AMS
expires: Sun, 08 Sep 2024 17:39:30 GMT

GET
H3 200 bootstrap.js Show response
phimno4.xyz/statics/defaultv2/js/ 56 KB
11 KB 69ms
64ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/js/bootstrap.js

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfc5053919c4bc6886d9421139bb47dd971c9be5ede7f80a9adfff7977632e4

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2080
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: W/"56d4fa10-df92"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzwEGbJ6LmqkAzqO%2FuPpB13GSrzZNvNm18nTcGC%2FrVk2Fdx78RT%2BsHZVTn08Zu%2F57Fodqsn1c%2BvdBPpGmRGBXNZH24vuZG1%2B0aAf3eQ%2FuRFdWNrW58IZII3o8UPmAJfSVhx4kiIEtOfNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 807985fd4bdc1ca7-AMS
expires: Sun, 15 Sep 2024 13:06:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 106ms
32ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7e678d9344bcc2bb32cf9cf16077e2c3a8a18144723212f266e3fe81681895d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
Origin: https://phimno4.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Sep 2023 13:40:48 GMT
content-md5: hAyMm0actBEVC4UkzYOw5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: A1iThXJf4OKUxZpHwSzS3A4YgfyxIaZ9f4GGfLL0DxCTqs7MqgH8S9D/fPToHFR3clepATxTTPKRnW+O13Jvsg==
x-fb-content-md5: d3463cba1082d15d54592943d5a9168d
cross-origin-opener-policy: same-origin-allow-popups
etag: "5776d156fa1582714c4061f938b118f5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:47:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 130 KB
51 KB 125ms
50ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105443016-1

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7ccf0156ab2aa0009bd1b8b89fd1c0b6360fb1ea859ca1bc02d3d74f4660510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Sep 2023 13:40:48 GMT

GET
H3 200 img.png
phimno4.xyz/statics/defaultv2/images/ 37 KB
37 KB 82ms
82ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phimno4.xyz/statics/defaultv2/images/img.png

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f73e1dc4121a0decdd92def27341d3afb4775fd808a0b8d7352754ac7519cf57

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2082
alt-svc: h3=":443"; ma=86400
content-length: 37625
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Aug 2017 08:22:32 GMT
server: cloudflare
etag: "599a9848-92f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdnSgnrw7HAUfg%2BhE4KBChJO05nDHj6oCwwV4sH%2F3rTiqSIJ%2BLQNl7QgfV4nY6id2HMye1v9dNM%2FU0ErNQuxvdgVjTGYK6UqcfpabXP5YeotdGn9LETK3N4Xdkyb4KN%2B0J8%2FsNttwDq6fA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 807985fd4be71ca7-AMS
expires: Sun, 15 Sep 2024 13:06:06 GMT

GET
H3 200 icomoon.woff
phimno4.xyz/statics/defaultv2/fonts/ 3 KB
4 KB 105ms
104ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/fonts/icomoon.woff?ld5vnx

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597e862fd505e9f2357ce32c812ffc83890977ac119bd69865b3adb56816c8a6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023
Origin: https://phimno4.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590478
alt-svc: h3=":443"; ma=86400
content-length: 3256
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: "56d4fa10-cb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qebRax330YQaRtbV1ZlTQZU%2FkkVMJsoC1v8ABCNLSCYUS13%2Fj11T0WjG%2BgdjHwOzvQwNmPK0VXtJcaeyCnBXOrSp017Us7hvXSEis4N4wpmrUVas%2FzYLmilHfavOX%2B3MyV%2FCDgfmPjDlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 807985fd5beb1ca7-AMS
expires: Sun, 08 Sep 2024 17:39:30 GMT

GET
H3 200 fontawesome-webfont.woff
phimno4.xyz/statics/defaultv2/fonts/ 64 KB
65 KB 107ms
107ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phimno4.xyz/statics/defaultv2/fonts/fontawesome-webfont.woff?v=4.3.0

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://phimno4.xyz/statics/defaultv2/css/all.css?v=082023
Origin: https://phimno4.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:48 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 65452
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2016 02:10:24 GMT
server: cloudflare
etag: "56d4fa10-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPdRW2h2SkFiROq%2FQ4eNOC7oCLmQkFRTwEL93t%2Fjv3Be3DfmRGEfYdWAk6TnYlqE9ndpz98rd7%2BbHASbFWOvvWQS%2BNI7d3vrSNyXwI5z5cTDvndF762yuFRFlL%2BhWZaqnSinPQxIPoGBzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 807985fd5bec1ca7-AMS
expires: Sun, 15 Sep 2024 13:40:48 GMT

GET
H2 200 77cab49a79d9ff882228c58c833d16ae.gif
images.phimno1.com/images/2023/08/14/ 78 KB
78 KB 179ms
92ms Image
image/gif 2606:4700:3035::ac43:b984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.phimno1.com/images/2023/08/14/77cab49a79d9ff882228c58c833d16ae.gif

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01503c425d94ecae08819e45250f1725407994c74d7e6995984182f1eaaf032

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:49 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 79408
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 09:52:05 GMT
server: cloudflare
etag: "64d9f945-13630"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhv64qART7oLA0J3U1r56SCD%2BcaLsRGAF1s2mW0eReRLLJGC0%2BIdi46iZoiR6pHgi40woOajAsmzmFPBDTkBU%2Fj5Ezwdz2LrgqLKXyPKhMUtkSQRttTg1ucnX8qMW29YtVF9dUodzYF%2FnWHPfm%2FeSF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 807985fe8c8a1caa-AMS
expires: Sun, 15 Sep 2024 13:40:49 GMT

GET
H2 200 c2760546a18a97c5d79a439759464c29.jpg
images.phimno1.com/images/2023/08/14/ 86 KB
87 KB 119ms
36ms Image
image/jpeg 2606:4700:3035::ac43:b984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.phimno1.com/images/2023/08/14/c2760546a18a97c5d79a439759464c29.jpg

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd6ef0aebaff14bb75f42ee61a4220a3080daed9927bc2eeb7c62f527bcfe85

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:49 GMT
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545497
alt-svc: h3=":443"; ma=86400
content-length: 88282
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 09:52:05 GMT
server: cloudflare
etag: "64d9f945-158da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZoKW61jqrjrmjx3X80WGADxx8IOHwp4B6jDqvUA9p5CMJYpZgOz2dR%2BpCMYGg9Z9jP3okLDEfJW76eDS%2FJL9%2FIu6rw8Kg52FKUfbBHNJ8yOcCIhDtjhaWxO3zeWpBzfLToRVKK%2Fm4Erkfk2oDpT8mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 807985fe8c8d1caa-AMS
expires: Mon, 09 Sep 2024 06:09:12 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 308 KB
87 KB 34ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=a48ce479ecbd838e165d35b10232be59

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

845e6c290a96d16f2727c89004c8ce70d59dfab140b849ab6bd0e643034a9943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
Origin: https://phimno4.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Sep 2023 13:40:48 GMT
content-md5: T+B5xQFc1mZ4J3SDEzaACA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89090
x-fb-debug: O+gM8zBCTNJ0IiaUY2s+R/mTNUKx54r1TnMLt8uxCTZdOi0xk/WcwKU8N+RcA9BblCpYGShHuOCAq92EuMOAuQ==
x-fb-content-md5: 8da0245c37267fd1367a10a8a2d36869
cross-origin-opener-policy: same-origin-allow-popups
etag: "c972376dc3508b9a82416c544eeadf93"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 15 Sep 2024 13:15:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4DP4K2Q8Z0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105443016-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f67bf4091d52e11eb7db4900b8407df56c76304c304b0e5af65f7b4f431073f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:40:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Sep 2023 13:40:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 107ms
32ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105443016-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Sep 2023 11:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6988
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 16 Sep 2023 13:44:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 246ms
31ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2081071355509818&ev=fb_page_view&dl=https%3A%2F%2Fphimno4.xyz%2Fphim%2Fbup-be-ma-am-1019%2F&rl=&if=false&ts=1694871649066&sw=1600&sh=1200&at=

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 16 Sep 2023 13:40:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 160ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4DP4K2Q8Z0&gtm=45je39d0&_p=453356647&_gaz=1&cid=2008647720.1694871649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694871649&sct=1&seg=0&dl=https%3A%2F%2Fphimno4.xyz%2Fphim%2Fbup-be-ma-am-1019%2F&dt=Phim%20B%C3%BAp%20B%C3%AA%20Ma%20%C3%81m%20-%20Annabelle%20(2014)%20Full%20HD-Vietsub&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4DP4K2Q8Z0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://phimno4.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 164ms
33ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4DP4K2Q8Z0&cid=2008647720.1694871649&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4DP4K2Q8Z0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://phimno4.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 199ms
69ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4DP4K2Q8Z0&cid=2008647720.1694871649&gtm=45je39d0&aip=1&z=1974238514

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 39ms
39ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=453356647&t=pageview&_s=1&dl=https%3A%2F%2Fphimno4.xyz%2Fphim%2Fbup-be-ma-am-1019%2F&ul=en-us&de=UTF-8&dt=Phim%20B%C3%BAp%20B%C3%AA%20Ma%20%C3%81m%20-%20Annabelle%20(2014)%20Full%20HD-Vietsub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=614576668&gjid=1535794240&cid=2008647720.1694871649&tid=UA-105443016-1&_gid=1440663802.1694871649&_r=1&gtm=457e39d0&jsscut=1&z=929897886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://phimno4.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 36ms
34ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-105443016-1&cid=2008647720.1694871649&jid=614576668&gjid=1535794240&_gid=1440663802.1694871649&_u=YADAAUAAAAAAACAAI~&z=1228235884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://phimno4.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 144ms
72ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105443016-1&cid=2008647720.1694871649&jid=614576668&_u=YADAAUAAAAAAACAAI~&z=2038594518

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 71ms
71ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105443016-1&cid=2008647720.1694871649&jid=614576668&_u=YADAAUAAAAAAACAAI~&z=2038594518

Requested by

Host: phimno4.xyz
URL: https://phimno4.xyz/phim/bup-be-ma-am-1019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 13:40:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v16.0/plugins/ Frame DEDE 0
1 KB 64ms
63ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/like.php?action=like&app_id=2081071355509818&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246d4343aaf94%26domain%3Dphimno4.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimno4.xyz%252Ff39237d814ad9dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fphimno1.com%2Fphim%2Fbup-be-ma-am-1019%2F&layout=button_count&locale=vi_VN&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=a48ce479ecbd838e165d35b10232be59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Sep 2023 13:40:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: ZpeoDaqGetqFb+tlCYZIbNewl4TCdPbKSm8YxSwNZhfE/po6jPu2kqTsqtb9HMc2ohaRJCMgaSslfKGPOSS1iA==
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/v16.0/plugins/ Frame 0AE2 0
0 64ms
64ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/comments.php?app_id=2081071355509818&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df36c3380b704%26domain%3Dphimno4.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimno4.xyz%252Ff39237d814ad9dc%26relation%3Dparent.parent&color_scheme=light&container_width=711&height=100&href=https%3A%2F%2Fphimno1.com%2Fphim%2Fbup-be-ma-am-1019%2F&locale=vi_VN&numposts=10&sdk=joey&version=v16.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=a48ce479ecbd838e165d35b10232be59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phimno4.xyz/phim/bup-be-ma-am-1019/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Sep 2023 13:40:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: fy9JV/Do3NbPRQOQJ3uizuAk7jzENVry//TSe3TQQQWHW9jseZ2pJEfJik/gZ9vcHnE3FgMPfj1VkNxF0T3NYg==
x-frame-options: DENY
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phimno4.xyz/	1970-01-21 00:23:51	Name: _ga_4DP4K2Q8Z0 Value: GS1.1.1694871649.1.0.1694871649.60.0.0
.phimno4.xyz/	1970-01-21 00:23:51	Name: _ga Value: GA1.2.2008647720.1694871649
.phimno4.xyz/	1970-01-20 14:49:18	Name: _gid Value: GA1.2.1440663802.1694871649
.phimno4.xyz/	1970-01-20 14:47:51	Name: _gat_gtag_UA_105443016_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
connect.facebook.net
i1.wp.com
images.phimno1.com
phimno4.xyz
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
192.0.77.2
2001:4860:4802:34::36
2606:4700:3035::ac43:b984
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c02::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
0a1067650fee4342ef3c9ca655d0c52610bfce16ad5cf24476f81bde080c9c7b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
147bf0be00f6e00c3d3fec213e3aa8810c188c83ee047ed7e69c319f932bd2c7
14a17b534124f562c96a01ce2bec1ca4400865161f652413bec6af4c43747379
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1fd6ef0aebaff14bb75f42ee61a4220a3080daed9927bc2eeb7c62f527bcfe85
2143be13db4ec89b6faead6af9fc235ee8bd0cd3da7355de233c5b5e1d17ba5d
29305244406aac0253a89ddaa7b420996e1b3a4314f2bee86d2756350a9827d3
3f07cdbe53759814f6e8ff063604a4b4990c73c4cb1e17c5bffda1b1dbb9b747
415019919b7a230513fbb989fbb561211afc747bfb70750133781a517a7cbc74
463b99dfb3fa81d269f7508768da9f4ca229416b1b8e68177a30d0291868f945
51323c630f88d636e140e0d4fcabf40f3f29d9ec4d7e1b51c904d2cf3022dcd6
54f4150f93e7c420f10a4cafaf03b7ac708e1900a4a1ba93bd1d7f05b285a864
56c3387011e68ef986f9d3d686556deb7dc8a8771a6007bb74c349889a379886
597e862fd505e9f2357ce32c812ffc83890977ac119bd69865b3adb56816c8a6
5986190471aacb279b743cfe475e3706283b444ecd8e58eac4cab7b47794f7af
5aa3631462b8b1bc8347420039389d257bb2c9c26a1ae50a4869aba126da6662
652eff6b13594ead1619a52f2889c535e61f3aeb713395cbfcb067d9df23b8b9
6555b37ddd4350012fb94131dd40325b8ff497be1f11ba4f0ad210154a12efb3
6a6188a4f4c3d2e2f9a49c4ddbaf0288c085489a0c132a97a768804448ebc076
6aaaf41e7fbaca1be0bfc9e35cb4bda7c2340ef786b65f802b4d6bab476e7661
6f843cbf415f301aca87129216573ef1728bb8a7a51822c60ce367e7cfe2cbf3
71cb3720f66649a4812e0c262c268211e0d523f457345f2377cc9edfa81f7b7d
7870b22e307ce15510ed21f1151ece0842e2c2394503a3e0a4847478f322c24a
845e6c290a96d16f2727c89004c8ce70d59dfab140b849ab6bd0e643034a9943
9f2dba7f0212d8f53803a52e5c2a71eb3d0b11362f748986e817c2f1d47c1e8c
a364f95380cf14f8f9cca8b4a9c754be4ad98750704e38dd824032f42d06bbbb
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a7ad0057b1a749754f2d4cd380a8201ac79cf8a9a634a4b922c8c62222279598
ab7725780dc0bd1bf9517d99c5c3610ebe9393f67d750f045631880fe253c4c9
b09c80aed30672c9911df61932640c42f8291c411ec025a48226632669fc040f
b7e678d9344bcc2bb32cf9cf16077e2c3a8a18144723212f266e3fe81681895d
bc8096cbf8356fa1ed70762c309c9bf881dc13778f1d8f1780804c6509a93c82
c01503c425d94ecae08819e45250f1725407994c74d7e6995984182f1eaaf032
c12d014d5591e64e206b1ef94c73544cd158412c203c2a224e63a664673de5ec
c471552917ba6d1b2e2024182cd2cdb4ec51ef6f181e36435d87b6b94de9f593
cad67e59d915ccf27655f757e7bd32909a27096c21fd634a0da8c1a47a45b94f
d4773e3bfe889c03b40e1618672a6d89e893196b76da6cb67192a0724fe13635
d8fe81871ed7b575a8f1a88e6dd780d1fdf076bd9c3f61a094f72edff41f9cbb
dbb55bf37335101ff791506000073b5a406fad04b1e1db82aaf14b94a0c518e0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4627c08de65f6580f8134ae3775abbf6037e6926dfec30e5eb38a4912d1248
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54035ed420ee95e6bdc3edfefbda04a4c4e3d7ce582eed9a68f558e0765a1f0
ecfc5053919c4bc6886d9421139bb47dd971c9be5ede7f80a9adfff7977632e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f175f6cd5202ea3826738ecff6dc8460ee91a4d6782187e5495bd036476e809a
f391fdb498aa562bd062320146bbb59f5dd94057c6ff760b0aea70eb12846ae4
f67bf4091d52e11eb7db4900b8407df56c76304c304b0e5af65f7b4f431073f9
f73e1dc4121a0decdd92def27341d3afb4775fd808a0b8d7352754ac7519cf57
f74a0677ed826d49cf1e75e46ac51e973854812165885105d49437877bd148b2
f7ccf0156ab2aa0009bd1b8b89fd1c0b6360fb1ea859ca1bc02d3d74f4660510
f941b50707e3b9bc12e778edeb76123a058bb49efdd71f046154936abf0da847

phimno4.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

92 %IPv6

11 Domains

12 Subdomains

12 IPs

3 Countries

1771 kBTransfer

2642 kBSize

4 Cookies

6 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

phimno4.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

1771 kB
Transfer

2642 kB
Size

4
Cookies

60 HTTP transactions
0 data transactions