urlscan.io logo urlscan.io
SecurityTrails logo

phimonlinehay.com Open in urlscan Pro
2606:4700:3030::ac43:d476  Public Scan

Go To Rescan Add Verdict Report
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Submission: On September 20 via api from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3030::ac43:d476, located in United States and belongs to CLOUDFLARENET, US. The main domain is phimonlinehay.com. The Cisco Umbrella rank of the primary domain is 750938.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.
This is the only time phimonlinehay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
21 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 23.109.170.224 7979 (SERVERS-COM)
1 23.109.170.27 7979 (SERVERS-COM)
3 2a03:2880:f17... 32934 (FACEBOOK)
47 9
15    2606:4700:3030::ac43:d476 (United States)

ASN13335 (CLOUDFLARENET, US)
phimonlinehay.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
21    2606:4700:3030::ac43:d9e3 (United States)

ASN13335 (CLOUDFLARENET, US)
media.xemfree.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    23.109.170.224 (Netherlands)

ASN7979 (SERVERS-COM, US)
wenedisbud.com
1    23.109.170.27 (Netherlands)

ASN7979 (SERVERS-COM, US)
intinepollist.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
21 xemfree.com
media.xemfree.com
374 KB
15 phimonlinehay.com
phimonlinehay.com — Cisco Umbrella Rank: 750938
55 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
83 KB
1 intinepollist.com
intinepollist.com
2 KB
1 wenedisbud.com
wenedisbud.com
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
103 KB
0 histats.com Failed
s10.histats.com Failed
47 9
Domain Requested by
21 media.xemfree.com phimonlinehay.com
15 phimonlinehay.com phimonlinehay.com
3 www.facebook.com connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 connect.facebook.net phimonlinehay.com
connect.facebook.net
1 intinepollist.com phimonlinehay.com
1 wenedisbud.com phimonlinehay.com
1 www.googletagmanager.com phimonlinehay.com
0 s10.histats.com Failed phimonlinehay.com
47 9
Subject Issuer Validity Valid
phimonlinehay.com
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-29 -
2024-09-27		 3 months crt.sh
xemfree.com
WE1		 2024-08-16 -
2024-11-14		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
wenedisbud.com
R11		 2024-09-08 -
2024-12-07		 3 months crt.sh
intinepollist.com
R11		 2024-08-07 -
2024-11-05		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Frame ID: 3D31BF7F3E71665F7EBE8944C4E7EABA
Requests: 36 HTTP requests in this frame

Frame: https://phimonlinehay.com/include/adonly1.php
Frame ID: 3AB5A2DBDA2152E4449098C2936F08A9
Requests: 4 HTTP requests in this frame

Frame: https://phimonlinehay.com/include/cpmgo1.php
Frame ID: 5D333E3D528AA27F341E7A03441C11B4
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df54f796c42473598b%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&container_width=410&href=https%3A%2F%2Fphimonlinehay.com%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html&layout=button_count&locale=vi_VN&sdk=joey&share=true&show_faces=true
Frame ID: 744C11AAF34EECFB2709584AE4A7C44C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/comments.php?app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df91171f55b8e7811a%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&color_scheme=light&container_width=405&height=100&href=http%3A%2F%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html%2F&locale=vi_VN&numposts=5&sdk=joey&version=v2.0&width=405
Frame ID: 22C9545160480C33484EE022F91C006F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like_box.php?app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df400de3d52caf05af%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&color_scheme=light&container_width=249&header=false&height=180&href=https%3A%2F%2Fwww.facebook.com%2Fphimonhay&locale=vi_VN&sdk=joey&show_border=true&show_faces=true&stream=false&width=250
Frame ID: 017033EB98C05E5F30DEDD20F45E3612
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xem Phim Bản Sắc Anh Hùng - A Better Tomorrow Việt Sub (2010) - Xem Phim Online Hay, Xem Phim Online Nhanh

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

617 kB
Transfer

1271 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
phimonlinehay.com/ 		41 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
655211853e3a4cb10721a34f4591fe03f6d567267dad6d8f25fafa1eeed8590c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c5f26a3bf9135fa-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 04:42:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ictWQTAMp%2BL95D%2FzgtbXWllmzY2JB%2FOSvZenfDDZ%2FPEQm4NIJjfednwe2UPhyNVhT%2FmUc9MvEZB%2BRbuQgQWDvRI72HWS1qp0z4RPKvIYoBDl6ldv3cICt7c4HlEMTHi5y6ze75LIAW58uFh75dAaHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
PHP/7.2.34
speculation
phimonlinehay.com/cdn-cgi/ 		128 B
473 B 		Other
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://phimonlinehay.com
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0FteNB6f2CfqDWvUDRuL7qGDVPeoewcPnsnAKukx%2BUy5NsPnrcQH7c0D0iNBXMYlubXcB4KbxxLyq7tErqGpIpRtSxHJQMH3cvfMiut5UchON82H2VdJYJ6PY3uzEgLgZcLXlXnIibQO0NXthQzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a558bf35fa-FRA
access-control-allow-origin
https://phimonlinehay.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
sdk.js
connect.facebook.net/vi_VN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
743b6cf8841108c2b2a63b75fca4ca81ecbb7fe1ea70ed04d2bb61693983424e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

content-md5
cpOZtazvyjg2pxDuZXrJfw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"ca9ac96001a7316758695334b0b5dbf3"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 04:51:54 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=1
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
23ac9235ba94371dff6db3eeac2d1fcd
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4457, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
UBN7hPXV2Cxi1WEE5+3xmUXG/YWN4tVk8aBBuUKo1k4edD0jhowUqXIiv7KtDVBuGrhqbe42asio4PoH4R7Vpw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
phimonline.css
phimonlinehay.com/jquery/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/phimonline.css?b=28
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1282d676678be73ef1e034570b283c96a267d28a7d537bc8eb9c5d0ec5d9cb91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"5aa4-5ff2fd35a2780"
age
15927
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43IyPosRwrcBtz8siBVqoPvSXtcV2y9%2BBgMtlRYAJWN%2Bj0XzJSp89rAPSpJlc5%2FEmMDdx%2B4lLLzk8MA03%2B5wB5BzNRiMy%2FFwVOso4rGX7csV65a4VeUucjVvLaz85t4KU9GSFXg3AHltfaUGpBPb2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=23204
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
text/css
last-modified
Wed, 28 Jun 2023 12:35:58 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a558ba35fa-FRA
server
cloudflare
jquery.min.js
phimonlinehay.com/jquery/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/jquery.min.js
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8381153708e8a5a7a6a6b69692828455b6d066358f48ba4a12fd8588bfdddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"12ed8-4f5e3701a5d80"
age
5362786
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iFUFTqw1zcGKvWHxZOh0T%2FxA5bRrXjo4Ei0DwPXYZUet7BFg2u1pCAohpJbSnv%2BIM%2B%2BB%2BSD8EuIoUKZ6qCOm0qi2uJlRAAH7hNAed5iSAcyHBZcbk2l7qAIbjbOcMPORwqZAd5pMqgLEH4OfQCUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c235fa-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Mon, 31 Mar 2014 09:11:34 GMT
vary
Accept-Encoding
server
cloudflare
khaibao.js
phimonlinehay.com/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/khaibao.js?b=28
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb455693a20ddc038ab9008134cb1597a8c92407a4983e9abb9d642923ebb25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"ed9-60af979641300"
age
5362786
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BazbnOjFdP4iW84q5R0byzzViUhrVadMrPjlNtwVhAhHgSP6Gk4ClhfQf0V%2BJQgzjJfAbI6AutFfxIo5UlV88VWUzPzl2CCBDxUsMVLXNLuQT13632mFKdRXRv8M%2F5N4CjLtuNitguFWWJrsHsvQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=3801
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Sat, 25 Nov 2023 12:47:40 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c335fa-FRA
server
cloudflare
hamchung.js
phimonlinehay.com/jquery/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/hamchung.js?b=28
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ca171dd890a3ef6c3ad9713b2a1e2d84764200a3a4bb70ba896b7d7632b650

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"3b25-6023b97995b80"
age
5362786
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gs9%2B8eLU%2B%2B5AS%2FQkBiJU%2FDdh%2FMmHeboR1nj%2BPgwvFlfW%2BjOUNd1x3Tnc3o7IOVn2pN%2F1%2Fk2fPse5YwlkhBfQ09uIjFt6LuapeHo0BhlAOOaWhksfvV2Ms%2F0iT8Bcul0aCon06Lgm4xyC3HhaQi8W4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=15141
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Sun, 06 Aug 2023 06:53:50 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c635fa-FRA
server
cloudflare
phimonline.js
phimonlinehay.com/jquery/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/phimonline.js?b=28
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc28922b00b88ae568a1db1186097eade336970d9e418f5b7f723f61be563f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"68f-5ad4de5f9e580"
age
15927
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcrGM1gJEuBEbqDG4jhPVJ5sYgOLlHkX%2F7oPcrAsyRE7XVj%2FgaVOy0O%2BunsmwHScfZjPjFbquZtLr6UZ7SSGPbeC4Esu282tmkiE3OK8nQwE1Li4i%2Fj2rBYJQO1v3xuG2GWCSnKzUk9ASv1L1MCmJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=1679
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Thu, 20 Aug 2020 12:02:46 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c735fa-FRA
server
cloudflare
ahome.png
media.xemfree.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/ahome.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9cae24413b027ce098b4850c64cbe9cbbbcea4718d0c27842481d2d65f916a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"42050c-194a-501d0c73c5ac0"
age
15652037
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQ%2BogVUa9s7uiBW%2B1AnMA8xeOzxMX8jx0YAzG%2FtiH%2Bl2S7lp%2FEZjERB8gjipVcMijp1ne5vU007IVuxq0avRmXv4J0U0A1A65M9X9lvfsWzTZCJO4qXTXC%2BgiCM3IXIFyH8qJFOwQuQJeVuUB%2BIMYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Sat, 30 Aug 2014 03:58:11 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a5896e4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6474
server
cloudflare
sdk.js
connect.facebook.net/vi_VN/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=523b7850e2f12da08ba298215ff61e1d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77e86e213260f6b6171a3cb33b9eaa92fe62ceb00aa6f78c83f97b6b85bc3947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://phimonlinehay.com
Referer
https://phimonlinehay.com/

Response headers

content-md5
vaqLMG7IDWDX4L1dDoCvoA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"6a6573adbd5367262469748bf5b928f9"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 03:52:55 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
565974e17b7bc4e774b154ea6cdccf9f
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4455, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
qdeLm9k9nCDOEkMB1u2SRhttwxYHyTj4APHMEBhju1qzLHMLlThg3Hqjd17DZat/1DwFmrsqteOrwuE5HHCE9Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
82673
origin-agent-cluster
?0
js
www.googletagmanager.com/gtag/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T48GQEVJN2
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59c69c64f582e62e01e9e53472c24db9114543dbd54c271a3b0cdf2546374f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 20 Sep 2024 04:42:48 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104912
date
Fri, 20 Sep 2024 04:42:48 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
search-dark.png
media.xemfree.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/search-dark.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/phimonline.css?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4929539d96d844618c29aa3c29e80adcc6e86174dff7b401dd262eb3b872a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"4204cb-cb5-4f5e015db0fc0"
age
15655215
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrO7TiY4pD5HNb1u%2FexDRSmqYnUP1iXT0VEmhuMC1cavWFPlElcFTHFq1ZlblQfE4lp9OJv5SRIdFQ3anbPOalt%2B2l4ylHnVGw4T7BiS9Lqf996Bk4xclgSOXYXOu%2FTcAN3LwN3fLHJ5qvqINtpn7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Mon, 31 Mar 2014 05:11:35 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a5f9cd4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3253
server
cloudflare
adonly1.php
phimonlinehay.com/include/ Frame 3AB5 		753 B
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/include/adonly1.php
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/hamchung.js?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
7f979eef5fea7c03fbe18fabe14b1ba65e9fb808f866ba52c45a5bbfb6c1f52f

Request headers

Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c5f26a65d149bb8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 04:42:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHDCNkaAcFdgzjE%2BfnGYRCVGDXQYXzOxB%2FQafd3W14lWGUjuRkDNCA8SzAhaHu7xqS47GYYxJ6YkGtRVelevJKN%2FdYkSqxkrorZELcRizTpTWHfA1V5gc7u6AxSd6QSxyDVPQswUjUBDp8r9r7GGpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
PHP/7.2.34
cpmgo1.php
phimonlinehay.com/include/ Frame 5D33 		753 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/include/cpmgo1.php
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/hamchung.js?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
116fdca1afe10dda89a43b9d99683a4f623edfb7ce730a882baa8e1c3caa009f

Request headers

Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c5f26a65d179bb8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 04:42:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArPRJtx9hUXpETOgqhk%2Fh%2BT%2Fq22DWBLVP1Y%2BiXzH%2B%2B6m%2FzwqsQBrBBSH8AZxY9aKZxytPoI8QsiW7VdvzeW2sAej7K0Uj5ttpUBgasbZvE9ZQ2NhKbgj85PxmERpFj5LYNIm%2FxAlaMWvKtDW8YuIYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
PHP/7.2.34
phimonline3159.jpg
media.xemfree.com/hinhanh/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/phimonline3159.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4289200afafa0493472ae35235293af76d65ed2a8c23dd0d2e63d6978784bf6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"420a11-17dc6-500b233282180"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jC7DQ33yNR9ThmXvR862%2BStNlZZAKk6BzSJnECcF3vWLHGQoXog8WeJld%2FsRcaUL7vPcGH6eB9PnxJooOqWOo%2FTcUzMjJOqiVtJcKSBogfq0lHHMqZSRJ45Jz6zwzz7izyQ6ToI6DtsLenhZfJjQGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a5f9d14d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
97734
date
Fri, 20 Sep 2024 04:42:49 GMT
content-type
image/jpeg
last-modified
Fri, 15 Aug 2014 22:04:06 GMT
vary
Accept-Encoding
server
cloudflare
icon_rss.png
media.xemfree.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/icon_rss.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43adf4a9768df1fa4410f05239a22fc01ebbce2ccd4ccd45f5a36c0d2b3de6aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"420490-82b-4f7d6ee5d5a40"
age
1179509
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGU7NH5XyjPiewgF4g%2B2opPypcdU4PC6DKUJFd%2FLPF08oZBfmog6ISSE8ur4hgfo7VACJmwYRojIezQ8%2FkQtZl9PL82eI8giXafk94XAzBzQsZzH3CuxrKsfxaTWNrKGDQmKbRIWggj491JE3znCPg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Fri, 25 Apr 2014 05:06:41 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d34d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2091
server
cloudflare
xemphim.png
media.xemfree.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/xemphim.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce50bb5e05702e0179ff467fa405c5c4d680a0c9db4080c844de9f3710b6995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"420504-27ea-4f6f994591bc0"
age
10717063
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaJ07NVt9bDzliYgbZfMFc1BNkQ7jto%2Bb9nJlAeo%2BrOA%2FZH6gvd0FSfCZiSK%2BPxVQ6DnAVbxASiwWHLVBGpKA4bHInqpQCN2nmnWliXlk0DDy9ZGBRZxdEYyvacRTx2E8%2BAqNuInd4ITL4El3p4s6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Mon, 14 Apr 2014 05:01:43 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d44d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10218
server
cloudflare
xemsau.png
media.xemfree.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/xemsau.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25356853355d5417e262d4b09a3704924167abbe89c76dec963dadcb3417b9ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"4204af-26b6-50f3bba70e040"
age
28538
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xisIkrJrF6wXXhSAsurbErb0bve4RpeEAYF2terohsQVyUKoaYUZmqyQ71d4PH1ZUoOpTmbICgJlwtInwMXsqzO0MqD7zQZ7auYvuDzbu8dZWZvht5mi5l5Dqjk4L474NXMn1pHwK4xHl3Uqu0tHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Mon, 16 Feb 2015 22:01:29 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d54d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9910
server
cloudflare
p697w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p697w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159b79b316ae55401bbb4ed0d8ca9feaf02d35bb8822cadad8ecf223c1501f19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"407535-104c-52587761d5600"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6odEpsMnE5i%2F2DJoY7xvjmAqSv7abgPTh%2BsdJ6ps91jVAzt%2FtGOIyerhSqCLTS53OPdwFoxPT2H6fqz1J7EDMtQF1zXgZJOyjUt3hPeCPoUs%2FsfihjbzEYnjkw9AuVCYByPKf%2BUTUblrtjbGiPo3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d64d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4172
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Fri, 27 Nov 2015 15:36:56 GMT
vary
Accept-Encoding
server
cloudflare
p13977w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p13977w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fe8fd51b6ab328a1bdae5ba51d74c710a0b88107c9067ba950fb294f187758

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40b464-116f-55fe57d4e8280"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5xkVfTiETY7BeGMA782u8GxHfCzSEuCfMPEwfzy9RmNWLGdwUkoRL5ZED2aq1RE8tafqcYDvMTSa%2Fi4rHFugUSqCpiakfNxJTvwrobPpUFbCLHYzIGJkQtByeefW0SCRNw77OjpbDEi64HbnJS8sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d74d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4463
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Sat, 09 Dec 2017 10:08:58 GMT
vary
Accept-Encoding
server
cloudflare
loa_loa.gif
media.xemfree.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/loa_loa.gif
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f96e8af2965004fbe14a1f1b28150b9b5591952e434095cb09e5fe5c0e6ad10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"4204c2-1876-4fb0ea0d0e040"
age
7366679
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbm5H4cPDvh%2BoNbu1jqZ3Ce1K90xnSstJBpFYrQVWaRwa7AURaSn6hary9yP8NsYL9ZJqtc1E1jqjzFiOK8gEUi0KHpRRdEXZVlYX2O4orOH%2FdOomiEo6bJ8c%2BQVDRKON3cY9550AA%2BlOcGpFZ1VNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/gif
last-modified
Thu, 05 Jun 2014 03:49:13 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a609d94d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6262
server
cloudflare
p19690w120h90.jpg
media.xemfree.com/hinhanh/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p19690w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d427c7c39a67cb6f7f9246d779fbc0d78d125e85779c7d98692e4c0e4f12336

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"405e4b-1358-5a56e7e72ed80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmphJmRMe1tE1512QPca6kf41GaCXJwLOZi8O12MAcWHWx9MFrVomB6bnjiiu6mKony%2FqRohYF0kMVbHexU8cK1TRbEE5C6xsP0Y%2FmuuuNeVMG3cacKDlXgfXPI0kncMVNrUqOnTyv5zT%2FwQFf3jmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609da4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4952
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Tue, 12 May 2020 07:34:30 GMT
vary
Accept-Encoding
server
cloudflare
p8079w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p8079w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524fbfd00da19c2fdd56a365a34422100685fadf6a8df9efc160878707b657e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"408003-11b7-525878d00b600"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6TUn8y5nls58v2HWo%2FGo9TblxcfV544OhU34a3dgj8Kf1S9rIWj23zW6F68FCzqVaxGh5zq%2FGio7dHM3b8s4ry9ryBVbUN4kisS8wOOyo65Qn%2BQnkOc5hVzXoJUkbFYhF9EnY6OR2Hwri4VmkTWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609dc4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4535
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Fri, 27 Nov 2015 15:43:20 GMT
vary
Accept-Encoding
server
cloudflare
p1563w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p1563w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b738c7a590fa413a1ac904f9f6b0d8886b57c7e54539aa2998f86b43c6e61ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"404cb3-1136-52587792788c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZ7RlT%2BP5lsSJtiNIxIjC3lCoYmYhScJGEgHlWuuq%2FeAhyBzy4naHjOQGHdyHlvFzKYic%2FRB337d4lRm1oyU0b72%2B%2Bt9lMfWbu7VRN8c%2FMz6gZB%2FsaDsa5cAeSTeFkQFtvf%2BSO0xW%2BcIkWb6xtRoPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609dd4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4406
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Fri, 27 Nov 2015 15:37:47 GMT
vary
Accept-Encoding
server
cloudflare
p21647w120h90.jpg
media.xemfree.com/hinhanh/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p21647w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6951039847f6e87b47a1c6a57100624dc1d3bc880d92e95bdbfec3ef0c03e57d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40f5ec-12a5-5c34948cd5b40"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1edjB7YN6ikh3ul6AGFWdEBDo77656EkpDnkOSncrYQP3MQMljOxlFEFWq05Vt6ZSJo2dO5R9YUJEshMEDFjDKnWclVrUwgnE5IiGSBVykwU1Q8tMIbdRizk2rZJMEDkwHfPRyTGQDxNoSQpBedLzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609de4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4773
date
Fri, 20 Sep 2024 04:42:49 GMT
content-type
image/jpeg
last-modified
Thu, 27 May 2021 05:46:45 GMT
vary
Accept-Encoding
server
cloudflare
p24978w120h90.jpg
media.xemfree.com/hinhanh/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p24978w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a758fc2b83b1692df898f9e7ed5ca0eb627ec8f765e92bebb461a73e0f2d1bdb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"4108f0-dd3-60bd6776bb173"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CR1Djb%2BQz18pMK5Cqi6H%2FMXYYPnEXNm5LM2LIb4ZH1adjHwcZF8L0DA7da8UCF6KbGBlJnLxNiz0jXLlKLzE5zpGBJsSxNC7H8g%2Fs64%2B1lHDj%2BG30XlnWsrTb4xFqoGODuooj6CTk6nYLXWZGdBLAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a619e84d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3539
date
Fri, 20 Sep 2024 04:42:49 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 12:26:54 GMT
vary
Accept-Encoding
server
cloudflare
p1208w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p1208w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc596242e7bc508fdc0af172d63bdae8cd56585adb3b5add24140677bfed9f51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40e870-1031-52587770237c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNsMMiv7i%2B7nm2GtW8TiVbGsDnJtQvwvmtxQDAmsfeC6B4Qlu9vrF6F3xAf0pfRmr9ZorC2NPv8eGWrTgBUW8uhS39AgroqZeiM%2FDQ%2BiXbthGIKl5be0PTKNiRKjzWVDriAPgHcpOlDMc44rdEZewg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609df4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4145
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Fri, 27 Nov 2015 15:37:11 GMT
vary
Accept-Encoding
server
cloudflare
p17140w120h90.jpg
media.xemfree.com/hinhanh/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p17140w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575b5e7dba75ac1ae93e94fd9e5ac98215d423ae37315dcc5ae50750a902bc84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40ee8b-1072-58b0b1dd5b840"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDzi4Fg7L0JpysMyacdQmqSqZWB7XLK%2FOtC48dpqhGIzV%2FD32xf7J63NxQh6I4Y9fMABwYmnZxHl6OB4uP3J8pt%2FutP6PJWgyBg%2Ba%2Fs0WzuZECMOe7TG6qunVRFoXEEbBLVVHL28u3MlUqivKjOjdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609e04d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4210
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Tue, 11 Jun 2019 12:05:45 GMT
vary
Accept-Encoding
server
cloudflare
p3090w120h90.jpg
media.xemfree.com/hinhanh/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/hinhanh/p3090w120h90.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b8fd767341dcde03f3bb4b682da240f9b0d3ae8b7c7562fa57faf8f33ff01b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"40bd80-146a-525877dbe7600"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeRt2AYodRXrapqWH9xPGb0vHlU%2BS3mLrS4hWd1JUuB1SIDBfEZ7s86RfN8gpUtU2iTpUmiHvn7IvNqLp%2B5Zio4KQvTL8tu5kdvPvuPIkKGdVGz4BQTGdRMDtsPiDsiX5TIuE%2BzD4PEhJC81W9AShQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a609e14d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
5226
date
Fri, 20 Sep 2024 04:42:49 GMT
content-type
image/jpeg
last-modified
Fri, 27 Nov 2015 15:39:04 GMT
vary
Accept-Encoding
server
cloudflare
load.php
phimonlinehay.com/jquery/ 		244 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/load.php
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/hamchung.js?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
529f3427dc2b20e1f265628055e759d9d9ab340dfbe04046fe08b473528f4c7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4stTqguX7BvIOaUhJXe1nM2%2Bd5DRUhmCYeDn3TMQVt9mb%2FOShEU%2BXJfkbHtoVYvm%2BdDNYnm77tfImmTzw2JE1rFHk7ds7Ay5sT6MnXjEfEaXjqu%2FjJ61cc3xws%2FYUSDt1jMlqGhqRjUsdezUnjsGow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a60ce49bb8-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
x-powered-by
PHP/7.2.34
server
cloudflare
bg.li.sidebar.png
media.xemfree.com/images/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/bg.li.sidebar.png
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/phimonline.css?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b479dd02539e292a7140f63048f1854a6d4ee8fdb4999d16140b184ec58990a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"42048d-3e7-501cf236171c0"
age
424780
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQsNo6vtMqOuJpJNHdQag3Un4YQ%2B%2FQHFYtM0oHkYFFU5v95llRCo4Q%2BeQ5Sj4kWQp6NZieR1%2F5nId1yAbnPArAf4c%2FNhMUB4jbV0Itq%2BdXAj4Mvmf%2BvEHnK1rr10uPrUg2EfCcbGW9t6b65kviLL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/png
last-modified
Sat, 30 Aug 2014 02:00:47 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a609e24d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
999
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T48GQEVJN2&gtm=45je49j0v9171806806za200&_p=1726807368568&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=536117695.1726807369&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726807368&sct=1&seg=0&dl=https%3A%2F%2Fphimonlinehay.com%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html&dt=Xem%20Phim%20B%E1%BA%A3n%20S%E1%BA%AFc%20Anh%20H%C3%B9ng%20-%20A%20Better%20Tomorrow%20Vi%E1%BB%87t%20Sub%20(2010)%20-%20Xem%20Phim%20Online%20Hay%2C%20Xem%20Phim%20Online%20Nhanh&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=460
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T48GQEVJN2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://phimonlinehay.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
text/plain
server
Golfe2
77477
wenedisbud.com/rVifyxfBCaA/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wenedisbud.com/rVifyxfBCaA/77477
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/load.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.224 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Fri, 20 Sep 2024 04:42:48 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://phimonlinehay.com
Server
nginx
77495
intinepollist.com/fKPhxg0OwcCSjnxpY/ 		6 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intinepollist.com/fKPhxg0OwcCSjnxpY/77495
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/load.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.27 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Fri, 20 Sep 2024 04:42:48 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://phimonlinehay.com
Server
nginx
js15.js
s10.histats.com/ 		0
0
footer_bar.jpg
media.xemfree.com/images/ 		357 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/footer_bar.jpg
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/jquery/phimonline.css?b=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f05840115ab7d76d5437b2e9fd9e8f4861121d0d0f2b07113c5fbde8942a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"420509-165-5014198c36ec0"
age
15657489
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kK3YcMPjyvFMcQBcetNU%2FGAAUWnykK3Ed57A8wt51dhhWSO3EBJFR0jPWziLdTT80lNiM8C2s7wYQo059OH%2FQmtp06K7r%2Fle3X8q%2FL9HSDkkKzjfdB67T6s%2BaHb9IDyU%2Fw6t%2Fv8L8mBCe8EKJPOxGg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Sat, 23 Aug 2014 01:08:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a77aaf4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
357
server
cloudflare
like.php
www.facebook.com/v2.0/plugins/ Frame 744C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df54f796c42473598b%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&container_width=410&href=https%3A%2F%2Fphimonlinehay.com%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html&layout=button_count&locale=vi_VN&sdk=joey&share=true&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=523b7850e2f12da08ba298215ff61e1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://phimonlinehay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Fri, 20 Sep 2024 04:42:48 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416581172667469920"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416581172667469920"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=5041, tp=-1, tpl=-1, uplat=28, ullat=0
x-fb-debug
9GuDxUPveCENJM7qHG8BFWiutcvqH41gyl/qnqwNF5f/5OdbL4cpw6d734kGNW/UzsyFs7MtGpWbfrB84RHCiw==
x-xss-protection
0
comments.php
www.facebook.com/v2.0/plugins/ Frame 22C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/comments.php?app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df91171f55b8e7811a%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&color_scheme=light&container_width=405&height=100&href=http%3A%2F%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html%2F&locale=vi_VN&numposts=5&sdk=joey&version=v2.0&width=405
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=523b7850e2f12da08ba298215ff61e1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://phimonlinehay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Fri, 20 Sep 2024 04:42:48 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416581172200363400"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416581172200363400"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2819, tp=-1, tpl=-1, uplat=26, ullat=0
x-fb-debug
qyI5ff9UNFkLbSmphSqvSmDCJ/Sden1vxfNx0rBDT4WSITbw9yBOvKl3XC/MGvBQjo5qDJQ73TDt4582WEPjLg==
x-frame-options
DENY
x-xss-protection
0
like_box.php
www.facebook.com/v2.0/plugins/ Frame 0170 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like_box.php?app_id=917392018275088&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df400de3d52caf05af%26domain%3Dphimonlinehay.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fphimonlinehay.com%252Ff19bfc63594f17ca1%26relation%3Dparent.parent&color_scheme=light&container_width=249&header=false&height=180&href=https%3A%2F%2Fwww.facebook.com%2Fphimonhay&locale=vi_VN&sdk=joey&show_border=true&show_faces=true&stream=false&width=250
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=523b7850e2f12da08ba298215ff61e1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://phimonlinehay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Sep 2024 04:42:49 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416581173862963306"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416581173862963306", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=5657, tp=-1, tpl=-1, uplat=89, ullat=0
x-fb-debug
LyrY4bUyFIF2OsKUuyih7mEktRt98WxrJFmraXWGeCCZrjZ+vKOGadw3Sw2VkmAyQPbQUpLcH8GmM/L267Z3HQ==
x-xss-protection
0
speculation
phimonlinehay.com/cdn-cgi/ Frame 3AB5 		128 B
573 B 		Other
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/cdn-cgi/speculation
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://phimonlinehay.com
Referer
https://phimonlinehay.com/include/adonly1.php

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yWIu5b64uiTzDA2fwbAjWFkCMOKzeDwnYwPOWCfMWgfIyP0MtKeNgZbieNZjhPf1PGP6GQEdwaXWlCPzuy5MhVJTj095Oe2EMJr2eUQDtRhaVmLb6wfiM3h5asSHtN17ROBHRzE2lCKsB83Y%2Ft6j5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a7de109bb8-FRA
access-control-allow-origin
https://phimonlinehay.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
jquery.min.js
phimonlinehay.com/jquery/ Frame 3AB5 		76 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/jquery.min.js
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/include/adonly1.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8381153708e8a5a7a6a6b69692828455b6d066358f48ba4a12fd8588bfdddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/include/adonly1.php

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"12ed8-4f5e3701a5d80"
age
5362786
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iFUFTqw1zcGKvWHxZOh0T%2FxA5bRrXjo4Ei0DwPXYZUet7BFg2u1pCAohpJbSnv%2BIM%2B%2BB%2BSD8EuIoUKZ6qCOm0qi2uJlRAAH7hNAed5iSAcyHBZcbk2l7qAIbjbOcMPORwqZAd5pMqgLEH4OfQCUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c235fa-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Mon, 31 Mar 2014 09:11:34 GMT
vary
Accept-Encoding
server
cloudflare
hinhanh2.1.jpg
media.xemfree.com/images/ Frame 3AB5 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/hinhanh2.1.jpg?v=1
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/include/adonly1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e656829f2defe32420424b67c793c7f2bd25a4824515a62c02d6809a6ff0af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"4204e3-16e3a-6015ad06183c0"
age
15651043
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dnu455QgxIgdsadsdSp0CGeQMgO8tcQmDljAEuzbBCgg%2BdE4m%2BirBWQve2w2B2eaNkoO7AaCuZgmblNZq4MQ0inQ8n1HQ2K6D9xpG1gDySYgZUZqVpmFzg%2BlwWseTMOz1yw4ecYg6cSyK2dfC2OZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Wed, 26 Jul 2023 02:43:35 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a7dae44d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
93754
server
cloudflare
speculation
phimonlinehay.com/cdn-cgi/ Frame 5D33 		128 B
583 B 		Other
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/cdn-cgi/speculation
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://phimonlinehay.com
Referer
https://phimonlinehay.com/include/cpmgo1.php

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rsP5%2F%2BKOu7XK8ZCcuECT9x7Aa0B4NEbUMABoPSYYzlnA%2FlH%2FTzZVkkpm%2Blt%2BbtKEDFFuv9FFibvT7zucomwgN3Uzs8N2mydxtPlOc4W3D5QizWiD1krQxIs0P22oX5e%2BoljMmz3nZqIKlyJLsC%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a7ee1c9bb8-FRA
access-control-allow-origin
https://phimonlinehay.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
jquery.min.js
phimonlinehay.com/jquery/ Frame 5D33 		76 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/jquery/jquery.min.js
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/include/cpmgo1.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8381153708e8a5a7a6a6b69692828455b6d066358f48ba4a12fd8588bfdddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/include/cpmgo1.php

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"12ed8-4f5e3701a5d80"
age
5362786
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iFUFTqw1zcGKvWHxZOh0T%2FxA5bRrXjo4Ei0DwPXYZUet7BFg2u1pCAohpJbSnv%2BIM%2B%2BB%2BSD8EuIoUKZ6qCOm0qi2uJlRAAH7hNAed5iSAcyHBZcbk2l7qAIbjbOcMPORwqZAd5pMqgLEH4OfQCUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a558c235fa-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
application/javascript
last-modified
Mon, 31 Mar 2014 09:11:34 GMT
vary
Accept-Encoding
server
cloudflare
hinhanh2.2.jpg
media.xemfree.com/images/ Frame 5D33 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xemfree.com/images/hinhanh2.2.jpg?v=1
Requested by
Host: phimonlinehay.com
URL: https://phimonlinehay.com/include/cpmgo1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d9e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a91028fdd74672a6f0fec19f405ddc2a0406493aa41797a12e2421b7443dc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cf-cache-status
HIT
etag
"4204c1-17cbb-6015ad34d3200"
age
15492678
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXZ%2BTCJN0t0aC30aaTa9CVWLlaxjBImqOj6aa%2FYN0fIuuxqe2d7hOcCwJg9OOIvbtR2IcuHxyESQfJVBNo94CNTMmo7%2FZ7VwLHmRZ4FILGjshbp59nZptFO5%2BvFhYJ3p0dHhFz1J1eeoK1W85dtKKw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:48 GMT
content-type
image/jpeg
last-modified
Wed, 26 Jul 2023 02:44:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c5f26a7eaea4d52-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
97467
server
cloudflare
favicon.ico
phimonlinehay.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://phimonlinehay.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f080a85ce24a60235168aa5dafe7d9e71e61ddc3e614f6a6ba443a6fcac9b533

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html

Response headers

cache-control
public, max-age=290304000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"47e-50e562ff33e80"
age
28747
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FflPSfF1sLgvrmqsqW1NRvMbW9uJSxnjGfOwuYLXIJDEkO9%2F61quGAWKIu1Prxym6JGQ65Y9EZLLC7slXbzTH2dNLyTHS0RzCnRMRwec5WvpB3DSbho9%2FCDG0JpCPkIE6PpM%2F%2BOBBm7LXPkQFVKyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5f26a99f089bb8-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 04:42:49 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 05 Feb 2015 12:10:18 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T48GQEVJN2&gtm=45je49j0v9171806806za200&_p=1726807368568&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=536117695.1726807369&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726807368&sct=1&seg=0&dl=https%3A%2F%2Fphimonlinehay.com%2Fxem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html&dt=Xem%20Phim%20B%E1%BA%A3n%20S%E1%BA%AFc%20Anh%20H%C3%B9ng%20-%20A%20Better%20Tomorrow%20Vi%E1%BB%87t%20Sub%20(2010)%20-%20Xem%20Phim%20Online%20Hay%2C%20Xem%20Phim%20Online%20Nhanh&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T48GQEVJN2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://phimonlinehay.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://phimonlinehay.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 20 Sep 2024 04:42:53 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s10.histats.com
URL
http://s10.histats.com/js15.js

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| FB function| $ function| jQuery function| getmien function| getrefer function| setCookie function| readCookie function| checkmobi boolean| fhads object| as2host object| ashost string| as2temp string| yt string| tenmien function| shorten function| catchuoi function| catchuoiid function| locdau function| timkiem function| timvideo function| keywordsup function| keywordvup function| keyfocus function| anphai function| antrai function| nhacai function| nhacai_bk function| giua_ads function| checkads function| timkiemphim function| timkiemvideo function| loaitivi function| linkhong function| linkdie function| loadkeeper function| loadtivi function| xemphim function| addboxphim function| addlightsout function| toggleFullScreen function| checkkeydown function| seturl function| loadphim function| loaderror function| loadloai function| xemvideo function| videoload function| time function| downphim function| downvideo function| trangchu function| gtag object| dataLayer object| __buffer object| re object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
.phimonlinehay.com/ Name: _ga
Value: GA1.1.536117695.1726807369
.phimonlinehay.com/ Name: _ga_T48GQEVJN2
Value: GS1.1.1726807368.1.0.1726807368.0.0.0
intinepollist.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAiAaOml8dZ3IMvuSNcuO82wpfr2riZ6dX7y5ZwoilblHcRLtoXkIp%2FgQel9pRCHVtb75656rIa66xp1qJq2kW3TwdbMvZeDRZ%2FCZp4k%2B94vKexGdMhG9Yo05nAfqL%2Fm5OjqUhADS6dzEFMgbA7rgek6I5cJpE5OCNnrkSmomOQHMSR1cwjeuODjClY0l0lxA%2BLNuMtnscuiosgiuD1b6d%2BJp97oEMXIUiPEL7BR0uNI%2FAVrjfPJ0xmArO7%2F%2Bd9PYX%2FWINO4GBUi%2BSPyN0XnTgI%3D
intinepollist.com/ Name: GL_GI10
Value: eJwNy9EKgjAUBuDtQEZUFz%2F5AHuCgaL4AGV540MMWzHCs3GmQW%2Bftx98SikqT6CQcG5aWzWVrdradi30G3TrQRNj%2F%2FAyO%2F5BC2jYTBi7wefsoSfgLo4%2Fr1UW42YzusDQAcexbjrTrxKTB3HG4RolRXHLllKhQUssCJSfpYL%2BFpc%2FG1QflA%3D%3D
wenedisbud.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAiAaOml8dZ3IMvuSNcuO82wpfr2riZ6dX7y5ZwoilblHcRLtoXkIp%2FgQel9pRCHVtb75656rIa66xp1qJq2kW3TwdbMvZeDRZ%2FCZp4k%2B94vKexGdMhG9Yo05nAfqL%2Fm5OjqUhADS6dzEFMgbA7rgek6I5cJpE5OCNnrkSmomOQHMSR1cwjeuODjClY0l0lxA%2BLNuMtnscuiosgiuD1b6d%2BJp97oEMXIUiPEL7BR0uNI%2FAVrjfPJ0xmArO7%2F%2Bd9PYX%2FWINO4GBUi%2BSPyN0XnTgI%3D
wenedisbud.com/ Name: GL_GI10
Value: eJwNy9EKgjAUBuDtQEZUFz%2F5AHuCgaL4AGV540MMWzHCs3GmQW%2Bftx98SikqT6CQcG5aWzWVrdradi30G3TrQRNj%2F%2FAyO%2F5BC2jYTBi7wefsoSfgLo4%2Fr1UW42YzusDQAcexbjrTrxKTB3HG4RolRXHLllKhQUssCJSfpYL%2BFpc%2FG1QflA%3D%3D

45 Console Messages

Source Level URL
Text
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/ahome.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/ahome.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 34)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/search-dark.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/phimonline3159.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/icon_rss.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/xemphim.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/xemsau.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p697w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p13977w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p19690w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p8079w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p1563w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p21647w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p24978w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p1208w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p17140w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p3090w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/phimonline3159.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/icon_rss.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/xemphim.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/xemsau.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p697w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p13977w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p19690w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p8079w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p1563w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p21647w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p24978w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p1208w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p17140w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/hinhanh/p3090w120h90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/loa_loa.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://phimonlinehay.com/jquery/hamchung.js?b=28(Line 39)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/bg.li.sidebar.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure script 'http://s10.histats.com/js15.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://phimonlinehay.com/jquery/jquery.min.js(Line 24)
Message:
Mixed Content: The page at 'https://phimonlinehay.com/xem-phim-ban-sac-anh-hung-a-better-tomorrow-2010-3159.html' was loaded over HTTPS, but requested an insecure element 'http://media.xemfree.com/images/footer_bar.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://phimonlinehay.com/include/adonly1.php
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://phimonlinehay.com/include/cpmgo1.php
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
intinepollist.com
media.xemfree.com
phimonlinehay.com
region1.google-analytics.com
s10.histats.com
wenedisbud.com
www.facebook.com
www.googletagmanager.com
s10.histats.com
2001:4860:4802:34::36
23.109.170.224
23.109.170.27
2606:4700:3030::ac43:d476
2606:4700:3030::ac43:d9e3
2a00:1450:4001:81c::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
00a91028fdd74672a6f0fec19f405ddc2a0406493aa41797a12e2421b7443dc4
00b8fd767341dcde03f3bb4b682da240f9b0d3ae8b7c7562fa57faf8f33ff01b
116fdca1afe10dda89a43b9d99683a4f623edfb7ce730a882baa8e1c3caa009f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1282d676678be73ef1e034570b283c96a267d28a7d537bc8eb9c5d0ec5d9cb91
159b79b316ae55401bbb4ed0d8ca9feaf02d35bb8822cadad8ecf223c1501f19
25356853355d5417e262d4b09a3704924167abbe89c76dec963dadcb3417b9ba
33f05840115ab7d76d5437b2e9fd9e8f4861121d0d0f2b07113c5fbde8942a40
4289200afafa0493472ae35235293af76d65ed2a8c23dd0d2e63d6978784bf6d
43adf4a9768df1fa4410f05239a22fc01ebbce2ccd4ccd45f5a36c0d2b3de6aa
46ca171dd890a3ef6c3ad9713b2a1e2d84764200a3a4bb70ba896b7d7632b650
50fe8fd51b6ab328a1bdae5ba51d74c710a0b88107c9067ba950fb294f187758
524fbfd00da19c2fdd56a365a34422100685fadf6a8df9efc160878707b657e1
529f3427dc2b20e1f265628055e759d9d9ab340dfbe04046fe08b473528f4c7d
575b5e7dba75ac1ae93e94fd9e5ac98215d423ae37315dcc5ae50750a902bc84
59c69c64f582e62e01e9e53472c24db9114543dbd54c271a3b0cdf2546374f30
655211853e3a4cb10721a34f4591fe03f6d567267dad6d8f25fafa1eeed8590c
6951039847f6e87b47a1c6a57100624dc1d3bc880d92e95bdbfec3ef0c03e57d
6d427c7c39a67cb6f7f9246d779fbc0d78d125e85779c7d98692e4c0e4f12336
6f96e8af2965004fbe14a1f1b28150b9b5591952e434095cb09e5fe5c0e6ad10
743b6cf8841108c2b2a63b75fca4ca81ecbb7fe1ea70ed04d2bb61693983424e
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
77e86e213260f6b6171a3cb33b9eaa92fe62ceb00aa6f78c83f97b6b85bc3947
7a4929539d96d844618c29aa3c29e80adcc6e86174dff7b401dd262eb3b872a8
7f979eef5fea7c03fbe18fabe14b1ba65e9fb808f866ba52c45a5bbfb6c1f52f
8ce50bb5e05702e0179ff467fa405c5c4d680a0c9db4080c844de9f3710b6995
9b479dd02539e292a7140f63048f1854a6d4ee8fdb4999d16140b184ec58990a
9b738c7a590fa413a1ac904f9f6b0d8886b57c7e54539aa2998f86b43c6e61ca
a6e656829f2defe32420424b67c793c7f2bd25a4824515a62c02d6809a6ff0af
a758fc2b83b1692df898f9e7ed5ca0eb627ec8f765e92bebb461a73e0f2d1bdb
cc596242e7bc508fdc0af172d63bdae8cd56585adb3b5add24140677bfed9f51
cd8381153708e8a5a7a6a6b69692828455b6d066358f48ba4a12fd8588bfdddf
dfb455693a20ddc038ab9008134cb1597a8c92407a4983e9abb9d642923ebb25
dfc28922b00b88ae568a1db1186097eade336970d9e418f5b7f723f61be563f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9cae24413b027ce098b4850c64cbe9cbbbcea4718d0c27842481d2d65f916a
f080a85ce24a60235168aa5dafe7d9e71e61ddc3e614f6a6ba443a6fcac9b533