Submitted URL: http://rutgon.com.vn/shorten
Effective URL: https://365phim.com/
Submission: On November 10 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3035::ac43:8272, located in and belongs to . The main domain is 365phim.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.
This is the only time 365phim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
13 365phim.com openinapp.link
365phim.com
11 rutgon.com.vn rutgon.com.vn
8 fonts.gstatic.com fonts.googleapis.com
7 img.ophim.live 365phim.com
5 fonts.googleapis.com 365phim.com
4 openinapp.link rutgon.com.vn
openinapp.link
unpkg.com
2 cdnjs.cloudflare.com 365phim.com
cdnjs.cloudflare.com
2 connect.facebook.net 365phim.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com rutgon.com.vn
365phim.com
1 www.google.de 365phim.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 phim.nguonc.com 365phim.com
1 i.imgur.com 365phim.com
1 static.cloudflareinsights.com openinapp.link
1 unpkg.com openinapp.link
1 vungoctuan.vn rutgon.com.vn
80 18

This site contains links to these domains. Also see Links.

Domain
temu.to
Subject Issuer Validity Valid
rutgon.com.vn
R11
2024-10-10 -
2025-01-08
3 months crt.sh
vungoctuan.vn
R10
2024-10-11 -
2025-01-09
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
openinapp.link
WE1
2024-10-14 -
2025-01-12
3 months crt.sh
unpkg.com
WE1
2024-09-25 -
2024-12-24
3 months crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
365phim.com
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-19 -
2024-11-17
3 months crt.sh
ophim.live
WE1
2024-10-26 -
2025-01-24
3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-15 -
2025-02-14
a year crt.sh
nguonc.com
WE1
2024-10-22 -
2025-01-20
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.de
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://365phim.com/
Frame ID: 3B3AD29BE98B2C88D2356318BE55A1DE
Requests: 81 HTTP requests in this frame

Screenshot

Page Title

Error - Rút gọn link rutgon.com.vn

Page URL History Show full URLs

  1. http://rutgon.com.vn/shorten HTTP 307
    https://rutgon.com.vn/shorten Page URL
  2. https://openinapp.link/365phim Page URL
  3. https://365phim.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

80
Requests

80 %
HTTPS

47 %
IPv6

18
Domains

18
Subdomains

20
IPs

3
Countries

2453 kB
Transfer

4318 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rutgon.com.vn/shorten HTTP 307
    https://rutgon.com.vn/shorten Page URL
  2. https://openinapp.link/365phim Page URL
  3. https://365phim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rutgon.com.vn/shorten HTTP 307
  • https://rutgon.com.vn/shorten

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
shorten
rutgon.com.vn/
Redirect Chain
  • http://rutgon.com.vn/shorten
  • https://rutgon.com.vn/shorten
15 KB
7 KB
Document
General
Full URL
https://rutgon.com.vn/shorten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 / PHP/8.1.2-1ubuntu2.18
Resource Hash
329d0bf37960ccf7c3a2ac30d6341d44851df9db3079d91892457e6ce28e1fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Nov 2024 11:13:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.26.2
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.2-1ubuntu2.18

Redirect headers

Location
https://rutgon.com.vn/shorten
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
rutgon.com.vn/static/
187 KB
27 KB
Stylesheet
General
Full URL
https://rutgon.com.vn/static/bootstrap.min.css
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
667244226d2cae230d34813312d2b962e94b8454fac7bd98606e67c41929f44a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/shorten

Response headers

Content-Encoding
gzip
ETag
"2ec23-60448b9d27d80-gzip"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
27100
Date
Sun, 10 Nov 2024 11:13:33 GMT
Content-Type
text/css
Last-Modified
Fri, 01 Sep 2023 09:24:22 GMT
Server
nginx/1.26.2
Vary
Accept-Encoding
all.min.css
rutgon.com.vn/static/https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
0
0
Stylesheet
General
Full URL
https://rutgon.com.vn/static/https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 / PHP/8.1.2-1ubuntu2.18
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/shorten

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Sun, 10 Nov 2024 11:13:33 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
PHP/8.1.2-1ubuntu2.18
Server
nginx/1.26.2
style.min.css
rutgon.com.vn/static/
20 KB
4 KB
Stylesheet
General
Full URL
https://rutgon.com.vn/static/style.min.css
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ff22891ecfb9b6671fa344111ace593999409241a08ee1a22af983743693e10e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/shorten

Response headers

Content-Encoding
gzip
ETag
"4f9b-623e31e1c8d80-gzip"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
4039
Date
Sun, 10 Nov 2024 11:13:33 GMT
Content-Type
text/css
Last-Modified
Mon, 07 Oct 2024 13:37:10 GMT
Server
nginx/1.26.2
Vary
Accept-Encoding
rutgon.svg
rutgon.com.vn/content/
5 KB
2 KB
Image
General
Full URL
https://rutgon.com.vn/content/rutgon.svg
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
86fe482d5110ecfb1d2467440e5ac417e1f556f83e3bb7942887b30b4bba6e54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/shorten

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"1294-61c6c70a26300"
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Date
Sun, 10 Nov 2024 11:13:33 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 04 Jul 2024 14:05:32 GMT
Server
nginx/1.26.2
temu-aff.jpg
vungoctuan.vn/wp-content/uploads/2024/10/
61 KB
61 KB
Image
General
Full URL
https://vungoctuan.vn/wp-content/uploads/2024/10/temu-aff.jpg?text=Ki%E1%BA%BFm%20Ti%E1%BB%81n%20v%E1%BB%9Bi%20Temu
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.130.212.57 , Viet Nam, ASN135953 (BKHOST-AS-VN Vietnam Online Network Solution Joint Stock Compnay, VN),
Reverse DNS
ip.bkhost.vn
Software
/
Resource Hash
e4e9a3869a236b541891437d6e9b358fcc9538b2754745ab09c71c9477e32cc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/

Response headers

cache-control
public, max-age=604800
expires
Sun, 17 Nov 2024 11:11:40 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
62032
date
Sun, 10 Nov 2024 11:11:40 GMT
content-type
image/jpeg
last-modified
Tue, 29 Oct 2024 17:10:00 GMT
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T16LTNB42D
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0629d7244f4bc7aba24fb2429b8ac38c896b24c8542b65714b99495b357a1952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 11:13:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109450
x-xss-protection
0
server
Google Tag Manager
variables.css
rutgon.com.vn/content/
341 B
508 B
Stylesheet
General
Full URL
https://rutgon.com.vn/content/variables.css
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/static/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ff2bec6404c2baef704ce46522ef1dfb606d6920aa1f4d667759d3e51ea67eff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/static/style.min.css

Response headers

Content-Encoding
gzip
ETag
"155-6267d1507ca92-gzip"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
184
Date
Sun, 10 Nov 2024 11:13:34 GMT
Content-Type
text/css
Last-Modified
Sat, 09 Nov 2024 16:08:45 GMT
Server
nginx/1.26.2
Vary
Accept-Encoding
nunito-sans-v12-latin-700.woff2
rutgon.com.vn/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://rutgon.com.vn/static/frontend/fonts/nunito-sans-v12-latin-700.woff2
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/static/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://rutgon.com.vn
Referer
https://rutgon.com.vn/static/style.min.css

Response headers

ETag
"42dc-5eccab83b5b80"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
17116
Date
Sun, 10 Nov 2024 11:13:34 GMT
Content-Type
font/woff2
Last-Modified
Sun, 06 Nov 2022 10:25:02 GMT
Server
nginx/1.26.2
nunito-sans-v12-latin-800.woff2
rutgon.com.vn/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://rutgon.com.vn/static/frontend/fonts/nunito-sans-v12-latin-800.woff2
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/static/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://rutgon.com.vn
Referer
https://rutgon.com.vn/static/style.min.css

Response headers

ETag
"43ac-5eccab83b5b80"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
17324
Date
Sun, 10 Nov 2024 11:13:34 GMT
Content-Type
font/woff2
Last-Modified
Sun, 06 Nov 2022 10:25:02 GMT
Server
nginx/1.26.2
nunito-sans-v12-latin-regular.woff2
rutgon.com.vn/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://rutgon.com.vn/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/static/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://rutgon.com.vn
Referer
https://rutgon.com.vn/static/style.min.css

Response headers

ETag
"4254-5eccab83b5b80"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
16980
Date
Sun, 10 Nov 2024 11:13:34 GMT
Content-Type
font/woff2
Last-Modified
Sun, 06 Nov 2022 10:25:02 GMT
Server
nginx/1.26.2
nunito-sans-v12-latin-italic.woff2
rutgon.com.vn/static/frontend/fonts/
17 KB
18 KB
Font
General
Full URL
https://rutgon.com.vn/static/frontend/fonts/nunito-sans-v12-latin-italic.woff2
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/static/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://rutgon.com.vn
Referer
https://rutgon.com.vn/static/style.min.css

Response headers

ETag
"4514-5eccab83b5b80"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
17684
Date
Sun, 10 Nov 2024 11:13:34 GMT
Content-Type
font/woff2
Last-Modified
Sun, 06 Nov 2022 10:25:02 GMT
Server
nginx/1.26.2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T16LTNB42D&gtm=45je4b70v9168790847za200&_p=1731237214261&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1527521582.1731237214&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731237214&sct=1&seg=0&dl=https%3A%2F%2Frutgon.com.vn%2Fshorten&dt=Error%20-%20R%C3%BAt%20g%E1%BB%8Dn%20link%20rutgon.com.vn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T16LTNB42D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rutgon.com.vn
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:34 GMT
content-type
text/plain
server
Golfe2
favicon-rutgon.png
rutgon.com.vn/content/
51 KB
51 KB
Other
General
Full URL
https://rutgon.com.vn/content/favicon-rutgon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.50.177.1 , Viet Nam, ASN151885 (ANTOANDULIEU-VN DATA SECURITY SOLUTIONS LIMITED, VN),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ebee8648deb36bde5ebf7b2a9df27c7168800b2acbc806c73b7b3e563356982a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/shorten

Response headers

ETag
"caa4-5ff05181c9900"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=86400
Content-Length
51876
Date
Sun, 10 Nov 2024 11:13:36 GMT
Content-Type
image/png
Last-Modified
Mon, 26 Jun 2023 09:37:08 GMT
Server
nginx/1.26.2
365phim
openinapp.link/
23 KB
8 KB
Document
General
Full URL
https://openinapp.link/365phim
Requested by
Host: rutgon.com.vn
URL: https://rutgon.com.vn/shorten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
620ed4089530b21f2f28228b17421d6d2163ceded3104febbdf632cd9a88cdc8

Request headers

Referer
https://rutgon.com.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e059d50afdb3a8c-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 10 Nov 2024 11:13:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zG97Y2%2Fcpqhgpf%2BeZkUvKWBIYnNb1k5iF4zM79i3z6JXIjxd3PJrH2V54WgYRxHzs3P56XsZOinPeY9CDCyerHBcmxpZ8XJTnEyH1%2FolTr%2B2Vk6gDbzTM5ihlIbjzzIbXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=13406&sent=21&recv=10&lost=2&retrans=8&sent_bytes=4581&recv_bytes=4506&delivery_rate=372&cwnd=8400&unsent_bytes=0&cid=7905f219f1572caa&ts=1162&x=1" cfHdrFlush;dur=0
vary
accept-encoding
x-powered-by
Express
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T16LTNB42D&gtm=45je4b70v9168790847za200&_p=1731237214261&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1527521582.1731237214&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731237214&sct=1&seg=0&dl=https%3A%2F%2Frutgon.com.vn%2Fshorten&dt=Error%20-%20R%C3%BAt%20g%E1%BB%8Dn%20link%20rutgon.com.vn&en=scroll&epn.percent_scrolled=90&_et=16&tfd=7872
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T16LTNB42D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rutgon.com.vn/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rutgon.com.vn
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:39 GMT
content-type
text/plain
server
Golfe2
dotlottie-player.js
unpkg.com/@dotlottie/player-component@1.0.0/dist/
332 KB
112 KB
Script
General
Full URL
https://unpkg.com/@dotlottie/player-component@1.0.0/dist/dotlottie-player.js
Requested by
Host: openinapp.link
URL: https://openinapp.link/365phim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://openinapp.link/365phim

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"52f95-a5ortVpVcaDVdN2fO+5oFj6JbNE"
age
370079
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 11:13:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBZVH629FQG8C55GHZG6E340-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8e059d54d8cfdc7a-FRA
access-control-allow-origin
*
server
cloudflare
logo.svg
openinapp.link/
9 KB
4 KB
Image
General
Full URL
https://openinapp.link/logo.svg
Requested by
Host: openinapp.link
URL: https://openinapp.link/365phim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://openinapp.link/365phim

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"2578-18df9f36718"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zp26fr2DDU%2BYF3qfVA9IWqAku0A0wVpUzZd7XPXZfFCzuEndTGQtR577ROhVf%2BZg7fFDWD51kboT%2FPomBP%2BM3xS8oPd6iU%2B66sDWK1rjCt1odHTWJbAkUUJSu2hophZweA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10889&sent=47&recv=16&lost=2&retrans=8&sent_bytes=32569&recv_bytes=5633&delivery_rate=287991&cwnd=8400&unsent_bytes=0&cid=7905f219f1572caa&ts=1568&x=1", cfHdrFlush;dur=79
date
Sun, 10 Nov 2024 11:13:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Fri, 01 Mar 2024 12:18:14 GMT
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d54aabf3a8c-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
stroke.svg
openinapp.link/
452 B
898 B
Image
General
Full URL
https://openinapp.link/stroke.svg
Requested by
Host: openinapp.link
URL: https://openinapp.link/365phim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://openinapp.link/365phim

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"1c4-18bae38c04b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bZzN%2BnW6uRbD7bhAjbnbZyyO1qQpo0A9cZVzgCegTgaZIiG1D3GrOF7PgwZWjtdteQb0uzuf5i88zTwkuFYDoQ%2BqJGskjiWTUg7qWowOTObN18UrGq3zsw0je6atkkFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10889&sent=47&recv=16&lost=2&retrans=8&sent_bytes=32569&recv_bytes=5633&delivery_rate=287991&cwnd=8400&unsent_bytes=0&cid=7905f219f1572caa&ts=1564&x=1", cfHdrFlush;dur=83
date
Sun, 10 Nov 2024 11:13:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 08 Nov 2023 09:17:16 GMT
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d54aac03a8c-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: openinapp.link
URL: https://openinapp.link/365phim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://openinapp.link
Referer
https://openinapp.link/365phim

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e059d560edc65df-FRA
access-control-allow-origin
*
date
Sun, 10 Nov 2024 11:13:40 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
animation.lottie
openinapp.link/
70 KB
70 KB
XHR
General
Full URL
https://openinapp.link/animation.lottie
Requested by
Host: unpkg.com
URL: https://unpkg.com/@dotlottie/player-component@1.0.0/dist/dotlottie-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://openinapp.link/365phim

Response headers

cf-cache-status
DYNAMIC
etag
W/"11609-1916b0cdd76"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWurh6PLVosi8%2BOjD2X%2BXxC0zT4Ni9W%2BHJRgfxvRgNmjYADwdvIgRl50WfzwFhOHQjj0Wx0dR75SC6DALIEhlg2W20DDgFv57zvh%2B%2Fpp5Fx0pXJrqEk%2FlsIiquHz5CqTkw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12557&sent=30&recv=13&lost=2&retrans=8&sent_bytes=12727&recv_bytes=5502&delivery_rate=43683&cwnd=8400&unsent_bytes=0&cid=7905f219f1572caa&ts=1429&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 11:13:40 GMT
content-type
application/octet-stream
last-modified
Mon, 19 Aug 2024 14:31:30 GMT
cache-control
public, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d556b3f3a8c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
71177
x-powered-by
Express
server
cloudflare
Primary Request /
365phim.com/
171 KB
20 KB
Document
General
Full URL
https://365phim.com/
Requested by
Host: openinapp.link
URL: https://openinapp.link/365phim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
00c528ad38d5ee1554e4ead22d7a70802412057a461221331eba968f3ad0ef79

Request headers

Referer
https://openinapp.link/365phim
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e059d561adedbe3-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 10 Nov 2024 11:13:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyzMcaKvnGtNUxJ4hdW1pRa8F5E2Bnx8LLqLWTvxDD4Jgakaa6fL%2F5MlRvdKyW2UDvLsYOI34RZjasbDZd9lF%2BSKprc2ZniIP425P79qNLxTbO6V3zkADL39y4jAWe9%2Ffa9CB%2Bj49%2FOSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=8922&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3997&recv_bytes=2323&delivery_rate=359645&cwnd=252&unsent_bytes=0&cid=26e49abaade8dae7&ts=1059&x=0"
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
c29e9fa4775e336b38c5c64cdd3d4d36e85fb8b9113eeadb0cd5f2b0478ad829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 09:16:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
1 KB
575 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
1719ca3fd13f142bef15118c622e414578fbc74ccbac2fbb3a2f5cbade0adc4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 11:13:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
2 KB
637 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather+Sans
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
ae497ee76745d59ff2864f6b3c34ad0cec7fce636e2a4e762ab4b7d93c826629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 11:13:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
365phim.com/themes/bptv/css/
120 KB
22 KB
Stylesheet
General
Full URL
https://365phim.com/themes/bptv/css/bootstrap.min.css
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0b395457b3c9cb8ecbd5bb8e3ca02520e9805f92ccbd7b73c53ee83ad872a70c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
249108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yANGoOMPk5QK8Td6wLKDbP%2BSCWE02tDZeOoR%2B%2FkDpWtzsAC0HPVWs4mFFTHOyVaYxdMz4axgNRf1VpLrGLZoXDx8gL064KYAa5BcwV9%2F7q7Xc36aWtKrVac56lQSN%2FX2rXeUypjtq8uyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e059d5c5aa0dbe3-FRA
expires
Thu, 14 Nov 2024 14:01:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8724&sent=38&recv=24&lost=0&retrans=0&sent_bytes=23104&recv_bytes=3385&delivery_rate=2245785&cwnd=254&unsent_bytes=0&cid=26e49abaade8dae7&ts=1088&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
server
cloudflare
fonts.css
365phim.com/themes/bptv/css/
71 KB
17 KB
Stylesheet
General
Full URL
https://365phim.com/themes/bptv/css/fonts.css
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2a5f798709512879594fc7743e93728497b98c0bc3246ca74d2f17af2f5c72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
192990
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NDZyFOTzytm0BZD2tg4ic9W5O7Nr5NbCY7tpWJc6AH3QUYi101gbyeRm%2FhnHqH8K7n%2BQ1uaPOPmBi6up5S%2FwwLd0NHqvg9MyQHK%2FZm761jEoqVcRNCLRiDwISZxCKaYTPfnyJM28gGQyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e059d5c5aa3dbe3-FRA
expires
Fri, 15 Nov 2024 05:37:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8724&sent=65&recv=24&lost=0&retrans=0&sent_bytes=45561&recv_bytes=3385&delivery_rate=2245785&cwnd=254&unsent_bytes=0&cid=26e49abaade8dae7&ts=1089&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
server
cloudflare
style.css
365phim.com/themes/bptv/css/
109 KB
24 KB
Stylesheet
General
Full URL
https://365phim.com/themes/bptv/css/style.css
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
382f1b6b31be9221b429d80ed7d8ac4edfb447b8558002ed180d2a8646779c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
378522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVOX5UnS6uTXeUshEPlnr%2FWjUXBOdi6VaNedCRk6Zy%2BmNBuKL3rR1F3bHEXDVRNypxq0hOpoC%2B3PgrEAXN25oelD6X%2Fkq3GJXzajPW5%2B0wdlBXBUhTFMhDPxvYueMD14II37UDqiTcHnzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e059d5c5aa5dbe3-FRA
expires
Wed, 13 Nov 2024 02:04:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8724&sent=83&recv=24&lost=0&retrans=0&sent_bytes=62965&recv_bytes=3385&delivery_rate=2245785&cwnd=254&unsent_bytes=0&cid=26e49abaade8dae7&ts=1090&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
server
cloudflare
custom.css
365phim.com/themes/bptv/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://365phim.com/themes/bptv/css/custom.css
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2088e68d9baffe8ffbfbd5901aa36194514230f5faf33f1b40cc00300792c12d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
249108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huMaGy6bK9UHPbHNPQTpJf8Z%2Fu8SyodTNALTrhc4yQ8FjZe0jNNAV9fxLnUbbTqNV49S3BLE5ZUb4RhEa9Qlyh%2FC5FxUld%2F6AlLN1vFZTGccDUWswJSBEwdifoIbITOH2k9lUr%2FYcs6fzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e059d5c5aa9dbe3-FRA
expires
Thu, 14 Nov 2024 14:01:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8724&sent=30&recv=24&lost=0&retrans=0&sent_bytes=19406&recv_bytes=3385&delivery_rate=2245785&cwnd=254&unsent_bytes=0&cid=26e49abaade8dae7&ts=1087&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NC0NPQDM5R
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d59bd97419d72e867de5d18da9a57684ce52b4e57b2d28940d4307de24228613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109567
x-xss-protection
0
server
Google Tag Manager
sdk.js
connect.facebook.net/vi_VN/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1198416bd410e0c3113f35d22b3f963dcc8a7b363785d01208b5751d7b86464f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://365phim.com/

Response headers

content-md5
hvFMXuMJexBXdYkB+Y/2og==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"4b8b1bc31905430a7c4c32af0bd11705"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:27:34 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
695e2bf95c4d1e21b435bf0bcd5d376b
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
YMJyELXHekG+xxcz/KRc7EkJb87iiLRk7MWOrBe07FvSmUxcjocvAMT5nzIf5koBmxpJsZlP2yJHWpQNHqcagg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1686
origin-agent-cluster
?1
365p.svg
365phim.com/storage/files/
4 KB
2 KB
Image
General
Full URL
https://365phim.com/storage/files/365p.svg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8272 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
56fb8470077e332ac8f48acdb57acbf33a9c07188cadf233efcbeff621d58925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
186964
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTF5DUqr81ywUbRDI4an1AQBZHH9x2ohCuruFPEaJcHq%2Bo%2FXwLOyPeBJEUflq2NxySCSpBjmu47Qbk8wSHSf9dPJ65d4fNWMo3T4ioL4QWalNwzq796bPeI%2B%2FrajUdkTxqiBw8TcUM4xeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e059d5c5aabdbe3-FRA
expires
Fri, 15 Nov 2024 07:17:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8724&sent=33&recv=24&lost=0&retrans=0&sent_bytes=20596&recv_bytes=3385&delivery_rate=2245785&cwnd=254&unsent_bytes=0&cid=26e49abaade8dae7&ts=1088&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
image/svg+xml
last-modified
Mon, 30 Sep 2024 14:30:15 GMT
vary
Accept-Encoding
server
cloudflare
rem-ngoc-chau-sa-thumb.jpg
img.ophim.live/uploads/movies/
67 KB
0
Image
General
Full URL
https://img.ophim.live/uploads/movies/rem-ngoc-chau-sa-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"895f28fa5be75c914fa7c23b078376c3"
age
472176
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqnupvUGOlU9eXEpfkDI53Szlp4JldvDQTtOLAtVcHv3vEYTwGwp20i2WGAL%2BDAByqCaxF3xU%2B0RrUgSnz1F4GKBPMDetwi2sQHo1Q7NcBe8sT2kL1yesExyV0XmE6l4ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=20&recv=12&lost=0&retrans=0&sent_bytes=15527&recv_bytes=6107&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=298&x=1", cfExtPri, cfHdrFlush;dur=230
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 05:17:42 GMT
vary
Origin, Accept-Encoding
priority
u=2,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1804E9A3D531B7A6
cf-ray
8e059d5efc82408f-SIN
accept-ranges
bytes
content-length
286983
x-xss-protection
1; mode=block
server
cloudflare
dai-mong-quy-ly-thumb.jpg
img.ophim.live/uploads/movies/
64 KB
0
Image
General
Full URL
https://img.ophim.live/uploads/movies/dai-mong-quy-ly-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"b5193d3c64d56d57d692148b670a72bb"
age
207952
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNU3GaR0E3vRVhAMI5p6zXzLkfa5SZ64nwknjeMysiOPFVWCRdFeBzdXbOuAsL74hQd%2FfXj0LQ9LjLOyuv5hQ4kHfge6x7XMuJ%2FqJtW6RZfEwSzZuDbSbM3TdZgestRmIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=20&recv=12&lost=0&retrans=0&sent_bytes=15527&recv_bytes=6107&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=295&x=1", cfExtPri, cfHdrFlush;dur=233
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 05:19:10 GMT
vary
Origin, Accept-Encoding
priority
u=2,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1805D9F3438A78EE
cf-ray
8e059d5efc7d408f-SIN
accept-ranges
bytes
content-length
2050398
x-xss-protection
1; mode=block
server
cloudflare
vinh-da-tinh-ha-thumb.jpg
img.ophim.live/uploads/movies/
69 KB
0
Image
General
Full URL
https://img.ophim.live/uploads/movies/vinh-da-tinh-ha-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"14f6561f2be0db19205d6da84ee6c6e6"
age
385256
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTIRjqjlr4asO2R6UkVr05Yh8ckqknpiGY1k79fiOygCBb6YyyZQkYq5plSZyxjLCxE%2BdVjRChHEOjwXNXHDDFWM8SFeWgasbfEXOOc5UuePY8%2F7PNixbp11OzrgniMbKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=20&recv=12&lost=0&retrans=0&sent_bytes=15527&recv_bytes=6107&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=294&x=1", cfExtPri, cfHdrFlush;dur=234
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 05:21:49 GMT
vary
Origin, Accept-Encoding
priority
u=2,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
180538B15960D4C7
cf-ray
8e059d5efc7f408f-SIN
accept-ranges
bytes
content-length
1527011
x-xss-protection
1; mode=block
server
cloudflare
h3ylT7P.jpg
i.imgur.com/
302 KB
303 KB
Image
General
Full URL
https://i.imgur.com/h3ylT7P.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 -, , ASN (),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7bfaf07e93945c899ec80aae73224b90e04bf240a1e89f5b8a9adb503c9f2fcc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

etag
"0613fbe56fecef64ce2a37e98d6ee56f"
age
598768
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-amz-storage-class
STANDARD_IA
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
vWF8_ekJMEV-LbG9Un17ZKIrxrZFr9pV0STRlCw5PpiwekgODdybjQ==
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
image/jpeg
last-modified
Sat, 23 Sep 2023 16:30:18 GMT
x-cache-hits
26, 0
x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-etou8220153-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731237222.910826,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
content-length
309510
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
loi-noi-doi-cua-em-cung-de-nghe-thumb.jpg
img.ophim.live/uploads/movies/
0
0

cam-tu-an-ninh-thumb.jpg
img.ophim.live/uploads/movies/
0
0

spellbound-thumb.jpg
img.ophim.live/uploads/movies/
11 KB
0
Image
General
Full URL
https://img.ophim.live/uploads/movies/spellbound-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"74a1261f7fe8a8acfd8b2f56985d8881"
age
226813
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmpdS1eGqMeqs6kKjCf5ge58%2FTW%2BHUunFW1VnwTSbLg1bNNo%2Bd9%2BWBWmT8lmC7RdbZ%2FKXbNqDBNZhgGA3NDTzIrRhcy2%2FYfcT74%2FciP3I%2Bx%2FuFt%2BCGG2QCEtN2X7RC%2BtJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4110&recv_bytes=6107&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Thu, 16 May 2024 18:00:23 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1805C8CBCF65703D
cf-ray
8e059d5efc88408f-SIN
accept-ranges
bytes
content-length
995709
x-xss-protection
1; mode=block
server
cloudflare
tham-phan-tu-dia-nguc-thumb.jpg
img.ophim.live/uploads/movies/
53 KB
53 KB
Image
General
Full URL
https://img.ophim.live/uploads/movies/tham-phan-tu-dia-nguc-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c3202f434e270f582fe92d3022c72548f8cff09f4045c44fd45aa01e9790c99f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"7f87151e84632788147f6e3e254f10d6"
age
4302503
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1bSvil6yPdZYwWV2jSlvpLh026H9x7FJayPvU7BwPj46h%2FSM989f5NKuVToRO0JuLL3nBH0PlhhIgM3vrpzdoCZb%2BXHTy48aHmGUSrvCgxbFFl30DSFrniLIre4NcfXOQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=21&recv=15&lost=0&retrans=0&sent_bytes=15551&recv_bytes=7193&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=385&x=1", cfExtPri, cfHdrFlush;dur=383
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Sat, 21 Sep 2024 16:00:11 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17F74DFA5AEB5B74
cf-ray
8e059d5fbd58408f-SIN
accept-ranges
bytes
content-length
53815
x-xss-protection
1; mode=block
server
cloudflare
xuan-hoa-diem-thumb.jpg
img.ophim.live/uploads/movies/
807 KB
808 KB
Image
General
Full URL
https://img.ophim.live/uploads/movies/xuan-hoa-diem-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
751e0b0cdc3e6ab666307e799b5d8f7ddcaaf5bdecd74e4bb0910caadd9ab656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"c2afd05e01d9b36dc8cc0fcea873e9c7"
age
2348570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGfBi4c%2FnjkMpV2tZL1RhzsUzJvVIpUbIV8J9GU0q5BdwDZ9v7BvzJzqcsxF1ZGiRlPSnnYsHd%2BGflPh5HTqcmnLOVOC6mqSYpw9o3YkLnDdPeFpPlQAIU%2FMXfCF1nkdwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=21&recv=15&lost=0&retrans=0&sent_bytes=15551&recv_bytes=7193&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=385&x=1", cfExtPri, cfHdrFlush;dur=383
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Mon, 14 Oct 2024 06:44:03 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17FE3F11A286B981
cf-ray
8e059d5fbd56408f-SIN
accept-ranges
bytes
content-length
826345
x-xss-protection
1; mode=block
server
cloudflare
chu-cho-biet-tuot-thumb.jpg
img.ophim.live/uploads/movies/
82 KB
83 KB
Image
General
Full URL
https://img.ophim.live/uploads/movies/chu-cho-biet-tuot-thumb.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a425d12069f912ba3d88cd9b3e1c76411a08c0a23980c982f2f9b369682dc35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"148a5ed8fba337e6de163b3bd1a03e57"
age
395420
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAsIGprOVwCib%2FAu%2FcVbpYtPTipfXiHjZ3uR9NuccRsERK7beZ8%2BaIhYtqUs%2FI6ud3JbVZCirjaqoTJOlu5d0jj%2FVmZjUJA9rN2MxyNARhUg2800q0zWBTxrCntLA%2BHefg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=241803&sent=21&recv=15&lost=0&retrans=0&sent_bytes=15551&recv_bytes=7193&delivery_rate=13761&cwnd=12000&unsent_bytes=0&cid=4c7eff8541a12187&ts=386&x=1", cfExtPri, cfHdrFlush;dur=382
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/jpeg
last-modified
Thu, 26 Sep 2024 00:39:03 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18052F72DD446545
cf-ray
8e059d5fbd5b408f-SIN
accept-ranges
bytes
content-length
83674
x-xss-protection
1; mode=block
server
cloudflare
that-da-tuyet-thumb.jpg
img.ophim.live/uploads/movies/
0
0

ipDsgNCdLOECXYa2qnC57gIF4KG.jpg
phim.nguonc.com/public/images/Film/
24 KB
25 KB
Image
General
Full URL
https://phim.nguonc.com/public/images/Film/ipDsgNCdLOECXYa2qnC57gIF4KG.jpg
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae4e6b29980751d3cd83d8d5a370e826f499ccc2868b5389cf97679c46d8e8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
etag
"64ae35d0-614e"
age
253
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tS8zSvK8N5l7fDFvqq2NoJwZT%2BN8b4GRmi5EZ%2Bp03pkb6u%2FWnjZoU4vq8ou3Kf91i48NMUBoIH8JnXyOMSN6rXAOpcr9Y9D5c%2BI%2BN%2F9md6mc66lbK6ChaEKFFTs6Wq6bbJsLhese5tYhRq%2BbJAo%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 10 Dec 2024 08:11:39 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=16215&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3938&recv_bytes=2254&delivery_rate=222724&cwnd=35&unsent_bytes=0&cid=cf12826229c14910&ts=50&x=0"
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
image/jpeg
last-modified
Wed, 12 Jul 2023 05:10:40 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5d286501ff-CDG
accept-ranges
bytes
content-length
24910
server
cloudflare
chac-chan-phai-la-co-ay-thumb.jpg
img.ophim.live/uploads/movies/
0
0

linh-vuc-drama-2021-poster.jpg
img.ophim.live/uploads/movies/
0
0

css
fonts.googleapis.com/
4 KB
608 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Asap:400,500,700
Requested by
Host: 365phim.com
URL: https://365phim.com/themes/bptv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0a65061a8409fec8aafcfdb951144cf3d7af533e27fd808f09a03dc26d4bfda2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 11:01:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
40 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,700,300&amp;subset=latin,vietnamese
Requested by
Host: 365phim.com
URL: https://365phim.com/themes/bptv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
d09a5529729974980994bcc07c94d0590f641f5facddc4f67121e33b068244d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 11:13:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 10 Nov 2024 11:13:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 365phim.com
URL: https://365phim.com/themes/bptv/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
141714
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCqWZi46QEVvnS7lJOPLrdgimbY7km84kqN9eoHnC944ViKAm6dcflqGQqv0islH71krkU70DZ1V7GX1THfWDFD3nXHb2J18WpJ2h3Q72Bo2vsQ2PSXDC%2BnHF%2Bj39w3reS6oqPS5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 11:13:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e059d5caf37d223-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
truncated
/
83 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3b88290b24da78b18319ab5f418c1a52620fbcc8f6a5fd3deaa06e9f67cc70d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
background.png
365phim.com/themes/bptv/images/
964 B
2 KB
Image
General
Full URL
https://365phim.com/themes/bptv/images/background.png
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3507b189e164e5116df24d70ca2246d2d32654074f9b902a379c786afd19a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
age
231463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L30gLLi1H5N8PymaQ4qxoP23vHQupEl9BAmBXByn2i37UqWX5xBsZ0S1c2Tz2ShP3TzCsJaq6JSnkTLHfyAJdwGmdFz8sS7Hmegcd4hJOpM615pSoJdw%2B%2BFPJndPBw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 18:55:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16442&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4239&recv_bytes=5034&delivery_rate=678&cwnd=12000&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=88&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5cdb000299-CDG
accept-ranges
bytes
content-length
964
server
cloudflare
LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVtKF7Q.woff2
fonts.gstatic.com/s/encodesans/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVtKF7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
93259600b49fb9faf7ec2437631a79352b3baf34b50474a2c3e82d5beaade218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
330679
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:22:22 GMT
last-modified
Mon, 20 Mar 2023 20:54:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15120
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
899453
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCaOLFElUdEi7VE0y7P0uBpicJH79MWN9fD28b4RJOQOyePf4VfXdcrLvrOmd%2BbH33FtnOu6sjbMD5ObvaVqHVQrJYmcirtR2OPtSyTcv9SrStrWcSK52MmKHxFcubTndrzfZYp7"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 11:13:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e059d5d0c7cd2f7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
fonts.gstatic.com/s/asap/v30/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v30/KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
330160
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:31:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:31:01 GMT
last-modified
Tue, 06 Jun 2023 20:38:36 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
42616
x-xss-protection
0
server
sffe
2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4ViesH.woff2
fonts.gstatic.com/s/merriweathersans/v26/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4ViesH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2f29f9816ff37b85f42321a31d4369d71aaed45ff2936a5b9c90efd422334ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
479479
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 22:02:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 22:02:22 GMT
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16980
x-xss-protection
0
server
sffe
MaterialIcons-Regular.woff2
365phim.com/themes/bptv/fonts/
43 KB
44 KB
Font
General
Full URL
https://365phim.com/themes/bptv/fonts/MaterialIcons-Regular.woff2
Requested by
Host: 365phim.com
URL: https://365phim.com/themes/bptv/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://365phim.com/themes/bptv/css/fonts.css

Response headers

cf-cache-status
HIT
age
166503
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXDOpVWIogfi6k78hA83hv7wwW7OGW237D2R%2BzkSl6zmtZ%2BYxDHirsoFW4pmI%2Fhb6217gVoz23e8xPKFqispyqrBwsenrvfpDUBH4MLaMooV32L%2FXmYtk54hhq%2B0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 12:58:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17493&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5981&recv_bytes=6000&delivery_rate=69143&cwnd=12000&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=121&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
font/woff2
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5d1b300299-CDG
accept-ranges
bytes
content-length
44300
server
cloudflare
LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVt2F7WJC.woff2
fonts.gstatic.com/s/encodesans/v19/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVt2F7WJC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d962cde86c7a6ca04fcbdb6bd57a4bfd3b55e427e16a126e67cf70d3b289344e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
328440
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:59:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:59:41 GMT
last-modified
Mon, 20 Mar 2023 20:55:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
4608
x-xss-protection
0
server
sffe
KFO9CniXp96a4Tc2DaTeuDAoKsE615hGW36MAA.woff2
fonts.gstatic.com/s/asap/v30/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v30/KFO9CniXp96a4Tc2DaTeuDAoKsE615hGW36MAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
24876ab7243e31a9ef776d417ac6e324e7b6ee467eee3dadcc3921878940b550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
114147
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 03:31:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 03:31:14 GMT
last-modified
Tue, 06 Jun 2023 20:52:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10984
x-xss-protection
0
server
sffe
KFO9CniXp96a4Tc2DaTeuDAoKsE615hHW36MAA.woff2
fonts.gstatic.com/s/asap/v30/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v30/KFO9CniXp96a4Tc2DaTeuDAoKsE615hHW36MAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9f5c226ff1aef810646ba1dd5b2ad6759de9f940b6fe4a0118ace43c61e124bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
329870
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:35:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:35:51 GMT
last-modified
Tue, 06 Jun 2023 20:49:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
34404
x-xss-protection
0
server
sffe
2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4VhusH3xE.woff2
fonts.gstatic.com/s/merriweathersans/v26/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZou4VhusH3xE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
07ea5c2d4d298e1d93333b1f326a7a379e746f9eafaed333a28f7e2640838de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
328291
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 16:02:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:02:10 GMT
last-modified
Thu, 27 Apr 2023 00:34:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
6056
x-xss-protection
0
server
sffe
LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVtyF7WJC.woff2
fonts.gstatic.com/s/encodesans/v19/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIcapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHhROjLsZBWTSrQGGHjVtyF7WJC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
695b7afba0557daf508fe352b1f90e3a74a154af83c6d2713575b8e767ecd2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://fonts.googleapis.com/

Response headers

age
330391
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:27:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:27:10 GMT
last-modified
Mon, 20 Mar 2023 21:23:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13176
x-xss-protection
0
server
sffe
sdk.js
connect.facebook.net/vi_VN/
254 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=6ad0a8b7703de484112cdadd05b234ac
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
61fa0f483d61d7b318d360d674fc980325f7caf4b4512eb5dd98ebbafd40e51c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://365phim.com
Referer
https://365phim.com/

Response headers

content-md5
bI6+Iuhghh+UL5isgP4ihQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"d6e3ed0dc4b635f96dc457aa5521ae77"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 10:21:47 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 11:13:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
d9f8b7d4a9388fcc1cd6adf59e9045a6
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=26, mss=1232, tbw=8268, tp=14, tpl=0, uplat=1, ullat=-1
x-fb-debug
XnCFRB/UcBUt6pVzcEuAi5/mjjqsMgWx32/7ySntcSxKSzrcRkCVRDJD6dwn0VbBj1NILWiQV9J6CIhOEcxKdA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76689
origin-agent-cluster
?1
icon.png
365phim.com/themes/bptv/images/
37 KB
38 KB
Image
General
Full URL
https://365phim.com/themes/bptv/images/icon.png
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2bfa9b98e3d0b8430a2b0f5fae827bdeb8323ef815f3959b37757b71f4547cda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cf-cache-status
HIT
age
86643
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18dxZdnNMwIp2NCl5zTII8x%2BCbinrFV8mmvl0HfXZJqeO3QepJZ8yfoMLJkL%2B7Ey%2BCK9hx5L04fq7Zta7VXINLEBBzPepBFr9N7DBqw5BB0j3Z0lq93HoIhUUvUDtw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 11:09:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17115&sent=56&recv=37&lost=0&retrans=0&sent_bytes=52016&recv_bytes=11304&delivery_rate=1514270&cwnd=33600&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=244&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5ddbec0299-CDG
accept-ranges
bytes
content-length
38281
server
cloudflare
default.include-footer.js
365phim.com/themes/bptv/js/
103 KB
24 KB
Script
General
Full URL
https://365phim.com/themes/bptv/js/default.include-footer.js
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ed36974f4996e94c840ac398deb4d33497a1f10f01167fd89f8c639a75f6d316

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
166504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9c3zibW5YvvoB36H7UQQ%2F5%2BDt0QiTcdn6W3dJviMQoCjTSgb9a0temdMmmXa%2FcUH70v7smsWFv0EWfXhpkF9jGJpuhf7JuqVFtldJuWFMpcx6HgAiXIKPm2W7OEHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 12:58:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17115&sent=84&recv=37&lost=0&retrans=0&sent_bytes=85616&recv_bytes=11304&delivery_rate=1514270&cwnd=33600&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=247&x=1", cfExtPri, cfHdrFlush;dur=15
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5ddbee0299-CDG
server
cloudflare
jquery-2.1.0.min.js
365phim.com/themes/bptv/js/
82 KB
31 KB
Script
General
Full URL
https://365phim.com/themes/bptv/js/jquery-2.1.0.min.js
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
812f54d803194539b2a56427dc65308de8cc8418b6ef9d83315eebaab8424226

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
86645
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57TRlVDTbxsC%2FWjkkS8%2BZHAaEnBc%2FJkIV9ft7JzHl30a7Jn1XxvHj01AX3JQQF%2FJ6dWo4TSWLVioNCLpg0PDaulr1B1KyMnqlCF3E2gpWJDj0J6LUHC8SsiMkOV7DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 11:09:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17115&sent=84&recv=37&lost=0&retrans=0&sent_bytes=85616&recv_bytes=11304&delivery_rate=1514270&cwnd=33600&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=247&x=1", cfExtPri, cfHdrFlush;dur=15
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5ddbef0299-CDG
server
cloudflare
bootstrap.min.js
365phim.com/themes/bptv/js/
35 KB
11 KB
Script
General
Full URL
https://365phim.com/themes/bptv/js/bootstrap.min.js
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
72903
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfD66ZRrB6bceLpXZJJJZOpXWDu13pKfSt%2BwjlASk7lqpHv3DumzHfAZIPznCgQQlmIwjN4Yn85LTSv%2FN21EPiskZQisvJLSpblgxDgMyKP%2BjCAGRndxz4fieajM9w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:58:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17115&sent=84&recv=37&lost=0&retrans=0&sent_bytes=85616&recv_bytes=11304&delivery_rate=1514270&cwnd=33600&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=246&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5ddbf10299-CDG
server
cloudflare
util.js
365phim.com/themes/bptv/js/fx/
6 KB
3 KB
Script
General
Full URL
https://365phim.com/themes/bptv/js/fx/util.js
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.114 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c6c8728dc5c24a136808d913360ec3ff6f766ee4521736e0c5a6da4cf3d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
166505
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCnMQey2%2BUznpeaYmwAr8WvfDglHZLpfJSaGduh9zj%2FWXCcEr5mhhDAh2qkCUO4z9PUhEBCnUQ7Q1kqcbdeQrjI2%2FA4aaj3dHA%2B2Y1cM%2FRHORa3yQQTCLaMkWwJCvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 12:58:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17115&sent=84&recv=37&lost=0&retrans=0&sent_bytes=85616&recv_bytes=11304&delivery_rate=1514270&cwnd=33600&unsent_bytes=0&cid=73bd1bc62b4e821f&ts=249&x=1", cfExtPri, cfHdrFlush;dur=13
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 09:02:26 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e059d5ddbf20299-CDG
server
cloudflare
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NC0NPQDM5R&gtm=45je4b70v9164399481za200&_p=1731237221879&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102015666&cid=1785389022.1731237222&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731237222&sct=1&seg=0&dl=https%3A%2F%2F365phim.com%2F&dr=https%3A%2F%2Fopeninapp.link%2F365phim&dt=365phim.com%20%7C%20Phim%20m%E1%BB%9Bi%20%7C%20Phim%20moi%20%7C%20365phim%7C%20motchill%20%7C%20subnhanh%20%7C%20Xem%20phim%20m%E1%BB%9Bi%202024%20%7C%20Phimmoi%20chill%20%7C%20Vietsub%20%7C%20Thuy%E1%BA%BFt%20Minh%20%7C%20L%E1%BB%93ng%20ti%E1%BA%BFng%20%7C%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1431
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC0NPQDM5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://365phim.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
542 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NC0NPQDM5R&cid=1785389022.1731237222&gtm=45je4b70v9164399481za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102015666
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC0NPQDM5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://365phim.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 11:13:42 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NC0NPQDM5R&cid=1785389022.1731237222&gtm=45je4b70v9164399481za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101925629~102015666&tag_exp=101823848~101925629~102015666&z=1715418840
Requested by
Host: 365phim.com
URL: https://365phim.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://365phim.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 10 Nov 2024 11:13:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
co-ay-chi-la-the-than-thumb.jpg
img.ophim.live/uploads/movies/
0
0

pin-pak-tram-cai-toc-hoang-gia-thumb.jpg
img.ophim.live/uploads/movies/
0
0

vinh-sinh-phan-3-thumb.jpg
img.ophim.live/uploads/movies/
0
0

dung-yen-nguoi-phe-minh-thumb.jpg
img.ophim.live/uploads/movies/
0
0

dont-give-up-thumb.jpg
img.ophim.live/uploads/movies/
0
0

co-gai-song-trong-co-the-toi-thumb.jpg
img.ophim.live/uploads/movies/
0
0

su-phan-cong-cua-phu-nu-thumb.jpg
img.ophim.live/uploads/movies/
0
0

avengers-cuoc-chien-bi-mat-poster.jpg
img.ophim.live/uploads/movies/
0
0

bo-tu-sieu-dang-2025-poster.jpg
img.ophim.live/uploads/movies/
0
0

captain-america-the-gioi-moi-poster.jpg
img.ophim.live/uploads/movies/
0
0

avengers-trieu-dai-cua-kang-poster.jpg
img.ophim.live/uploads/movies/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/loi-noi-doi-cua-em-cung-de-nghe-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/cam-tu-an-ninh-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/that-da-tuyet-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/chac-chan-phai-la-co-ay-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/linh-vuc-drama-2021-poster.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/co-ay-chi-la-the-than-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/pin-pak-tram-cai-toc-hoang-gia-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/vinh-sinh-phan-3-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/dung-yen-nguoi-phe-minh-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/dont-give-up-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/co-gai-song-trong-co-the-toi-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/su-phan-cong-cua-phu-nu-thumb.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/avengers-cuoc-chien-bi-mat-poster.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/bo-tu-sieu-dang-2025-poster.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/captain-america-the-gioi-moi-poster.jpg
Domain
img.ophim.live
URL
https://img.ophim.live/uploads/movies/avengers-trieu-dai-cua-kang-poster.jpg

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
rutgon.com.vn/ Name: PHPSESSID
Value: 32c2276112dce2d66d5ec5f7afa83665
.rutgon.com.vn/ Name: _ga
Value: GA1.1.1527521582.1731237214
.rutgon.com.vn/ Name: _ga_T16LTNB42D
Value: GS1.1.1731237214.1.0.1731237214.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://rutgon.com.vn/shorten
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://rutgon.com.vn/static/https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

365phim.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
img.ophim.live
openinapp.link
phim.nguonc.com
region1.analytics.google.com
region1.google-analytics.com
rutgon.com.vn
static.cloudflareinsights.com
stats.g.doubleclick.net
unpkg.com
vungoctuan.vn
www.google.de
www.googletagmanager.com
img.ophim.live
103.130.212.57
104.17.24.14
142.250.185.163
142.250.186.67
157.240.251.9
172.67.130.114
172.67.198.231
188.114.96.3
199.232.192.193
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700:3035::ac43:8272
2606:4700::6810:5049
2606:4700::6811:f8cb
2a00:1450:4001:802::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9b
2a06:98c1:3121::3
36.50.177.1
00c528ad38d5ee1554e4ead22d7a70802412057a461221331eba968f3ad0ef79
0629d7244f4bc7aba24fb2429b8ac38c896b24c8542b65714b99495b357a1952
07ea5c2d4d298e1d93333b1f326a7a379e746f9eafaed333a28f7e2640838de1
0a65061a8409fec8aafcfdb951144cf3d7af533e27fd808f09a03dc26d4bfda2
0b395457b3c9cb8ecbd5bb8e3ca02520e9805f92ccbd7b73c53ee83ad872a70c
1198416bd410e0c3113f35d22b3f963dcc8a7b363785d01208b5751d7b86464f
1719ca3fd13f142bef15118c622e414578fbc74ccbac2fbb3a2f5cbade0adc4f
1ae4e6b29980751d3cd83d8d5a370e826f499ccc2868b5389cf97679c46d8e8f
2088e68d9baffe8ffbfbd5901aa36194514230f5faf33f1b40cc00300792c12d
24876ab7243e31a9ef776d417ac6e324e7b6ee467eee3dadcc3921878940b550
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bfa9b98e3d0b8430a2b0f5fae827bdeb8323ef815f3959b37757b71f4547cda
2f29f9816ff37b85f42321a31d4369d71aaed45ff2936a5b9c90efd422334ae2
329d0bf37960ccf7c3a2ac30d6341d44851df9db3079d91892457e6ce28e1fa5
382f1b6b31be9221b429d80ed7d8ac4edfb447b8558002ed180d2a8646779c54
56fb8470077e332ac8f48acdb57acbf33a9c07188cadf233efcbeff621d58925
61fa0f483d61d7b318d360d674fc980325f7caf4b4512eb5dd98ebbafd40e51c
620ed4089530b21f2f28228b17421d6d2163ceded3104febbdf632cd9a88cdc8
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
667244226d2cae230d34813312d2b962e94b8454fac7bd98606e67c41929f44a
67a3507b189e164e5116df24d70ca2246d2d32654074f9b902a379c786afd19a
695b7afba0557daf508fe352b1f90e3a74a154af83c6d2713575b8e767ecd2fc
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
751e0b0cdc3e6ab666307e799b5d8f7ddcaaf5bdecd74e4bb0910caadd9ab656
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bfaf07e93945c899ec80aae73224b90e04bf240a1e89f5b8a9adb503c9f2fcc
812f54d803194539b2a56427dc65308de8cc8418b6ef9d83315eebaab8424226
86fe482d5110ecfb1d2467440e5ac417e1f556f83e3bb7942887b30b4bba6e54
93259600b49fb9faf7ec2437631a79352b3baf34b50474a2c3e82d5beaade218
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9f5c226ff1aef810646ba1dd5b2ad6759de9f940b6fe4a0118ace43c61e124bf
a3b88290b24da78b18319ab5f418c1a52620fbcc8f6a5fd3deaa06e9f67cc70d
a425d12069f912ba3d88cd9b3e1c76411a08c0a23980c982f2f9b369682dc35e
a53c6c8728dc5c24a136808d913360ec3ff6f766ee4521736e0c5a6da4cf3d59
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
ae497ee76745d59ff2864f6b3c34ad0cec7fce636e2a4e762ab4b7d93c826629
b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89
bd2a5f798709512879594fc7743e93728497b98c0bc3246ca74d2f17af2f5c72
c29e9fa4775e336b38c5c64cdd3d4d36e85fb8b9113eeadb0cd5f2b0478ad829
c3202f434e270f582fe92d3022c72548f8cff09f4045c44fd45aa01e9790c99f
d09a5529729974980994bcc07c94d0590f641f5facddc4f67121e33b068244d6
d59bd97419d72e867de5d18da9a57684ce52b4e57b2d28940d4307de24228613
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d962cde86c7a6ca04fcbdb6bd57a4bfd3b55e427e16a126e67cf70d3b289344e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e9a3869a236b541891437d6e9b358fcc9538b2754745ab09c71c9477e32cc5
ebee8648deb36bde5ebf7b2a9df27c7168800b2acbc806c73b7b3e563356982a
ed36974f4996e94c840ac398deb4d33497a1f10f01167fd89f8c639a75f6d316
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff22891ecfb9b6671fa344111ace593999409241a08ee1a22af983743693e10e
ff2bec6404c2baef704ce46522ef1dfb606d6920aa1f4d667759d3e51ea67eff