buolnd.com/xkDS
49.12.46.246302 Moved Temporarily 142 B IP 49.12.46.246:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /xkDS HTTP/1.1
Host: buolnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 16 Jan 2023 08:06:12 GMT
Content-Type: text/plain
Content-Length: 142
Connection: keep-alive
Set-Cookie: TID=63C505747EED7B6E0A0B73CC; expires=Mon, 16-Dec-24 08:06:12 GMT; path=/
Location: https://www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63C505747EED7B6E0A0B73CC&utm_content=118753
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11280
Expires: Mon, 16 Jan 2023 11:14:13 GMT
Date: Mon, 16 Jan 2023 08:06:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Mon, 16 Jan 2023 10:08:52 GMT
Date: Mon, 16 Jan 2023 08:06:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 07:49:09 GMT
content-type: application/json
age: 1024
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12374
Expires: Mon, 16 Jan 2023 11:32:27 GMT
Date: Mon, 16 Jan 2023 08:06:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4olHL721JgkZlbHfNSyck9TJkS/2VIjKpwiOnq3Ui22MVlUuja1k4vRc4Npqj8vb6GRhKwG+g1E=
x-amz-request-id: 9W4S83DMG6AM8XE2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 07:44:30 GMT
age: 1303
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 08:06:13 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 07:17:25 GMT
age: 2928
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5f9cfd32ba0e755eba2eba2bca5bc3c
012c01ac7a06da9f57e0e1c24658a4bd40e82518
ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1904
Cache-Control: max-age=91937
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:13 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 09:38:30 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3f2c8f4e5b3da321c2fc570577917a83
decf4820d6ae3586fc697316c2a49f2df1722e88
a46afb38399574cba3c7dc3a44fb83573faf4402ada31b2ecacabff42ee5d4af
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86444
Date: Mon, 16 Jan 2023 08:06:13 GMT
Etag: "63c3b421-1d7"
Expires: Tue, 17 Jan 2023 08:06:57 GMT
Last-Modified: Sun, 15 Jan 2023 08:06:57 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uPR2K3iqYa6DbWmP1T68W8Ol_2vWHkaW9hWDhpyW3p-pTn-wRbEnKg==
push.services.mozilla.com/
52.41.156.90101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.156.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zl+kG69vDrtXLA6bK7nwGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IwFenWMoGUWnfihrGK2qDaT/gsY=
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63C505747EED7B6E0A0B73CC&utm_content=118753
18.162.92.30200 OK 11 kB URL HTTP/2 www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63C505747EED7B6E0A0B73CC&utm_content=118753
IP 18.162.92.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24428)
Hash 2707eb1481de36f8a8aabae969dafaca
cb1e4d649285e9a640dc8e76c72b1dc068f254f4
48839f9d273bb948cdae3123bddbeb065111ca34e9fd79d37428ce0a419470c1
GET /promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63C505747EED7B6E0A0B73CC&utm_content=118753 HTTP/1.1
Host: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:14 GMT
content-type: text/html
content-length: 11104
server: nginx/1.22.0
content-encoding: gzip
x-lambda-id: 1e210162-fb90-44a5-bf86-2de8be337ed9
accept-ranges: bytes
age: 74840
x-served-by: cache-iad-kiad7000103-IAD, cache-hnd18729-HND
x-cache: HIT, HIT
x-cache-hits: 1, 491
x-timer: S1673856374.313237,VS0,VE0
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: ap-northeast-1-prod-edge-blue
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
143.204.55.80200 OK 825 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (693)
Hash 210beff4c931452baacbe861bcdcb0ad
55a4ab7d9c1fc9e0bf43024dd599eb3628ac46da
b3dadf84bd14d47f74d4c3f09b51bc14881840c6264235050f333684d092dc43
GET /6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 825
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "210beff4c931452baacbe861bcdcb0ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 2JF0_xUDqsL7IMoubtz07Y47rHK4VWFh
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 629069
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IdG1aRdyimN6QTnBLWCQwYBEd-SOpTzUZavGexi1fgYhGEssM4zRCQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
143.204.55.80200 OK 805 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (673)
Hash 687cc2617c243d910f0743a3d8452c15
ffd777e7f45a8cd9d93d907d503d7cac8bb31e0d
dd6fe0fed6def1b676286a203da5c58d178152d29b73debcf8c8f4ed6e269079
GET /6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 805
date: Wed, 14 Dec 2022 07:49:23 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "687cc2617c243d910f0743a3d8452c15"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: taIhEQVhftJJ0orwE875uuRGTM0QSMm1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 2852211
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0FjzKrrLROPg_EDrVSuuyBrCfpoY91SssDa5FYyVx35YR8DhNKXHvQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
143.204.55.80200 OK 78 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
IP 143.204.55.80:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7325caea69868b2b85e3a429a0637a8c
d0c9ee520a4d77c55c87b177f9309f55a021f55e
a6a35e40e15a55a772bfc7f96c2659d6643225d876d3d5010b95a04b2677a4df
GET /6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 78448
last-modified: Thu, 12 Jan 2023 11:18:35 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: AWLVG9PNilBCLQEG8zVg5_vdFFH.lExd
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Jan 2023 01:30:24 GMT
cache-control: max-age=84600, must-revalidate
etag: "7325caea69868b2b85e3a429a0637a8c"
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 23751
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ajlwtIAF1TVbNWP3OfaFhs77oY_CxfRuIVEqnTEwJnrqg2O2K-uSxg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg
143.204.55.80200 OK 56 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg
IP 143.204.55.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 593x698, components 3\012- data
Hash fa2f152f3312a6219fb10009bca34887
a139832d220e54222c1160f3f5c49ab7fdaa8764
5561f5028d19abfb9176beff11f77d47bdff73dcdddeed5ef73b805dbb686a61
GET /6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 56280
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Tue, 28 Dec 2021 13:07:22 GMT
etag: "fa2f152f3312a6219fb10009bca34887"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: SJHHdOpxgJ.VgsKdWg86y184WhZx8n5Y
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 629069
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Up6rRlkYza2JsWmNDy6L2ZeVEY2py0Q36QKl-LpPPp6a66NvRKpJbQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js
143.204.55.80200 OK 97 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 text, with very long lines (56368)
Hash b63fff218800c7656b8e454e97e74a0d
3a8820d1dc13ec66be88fbc2f5217ec60c905b24
d595a6bc5571a891fce28e9a1be78e44e992f22c264b0fa27611f2039269fd97
GET /6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 96664
last-modified: Thu, 12 Jan 2023 08:39:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: C4CGfoOCmERJ3hebmgnkGB7sf0brtZFn
accept-ranges: bytes
server: AmazonS3
date: Mon, 16 Jan 2023 08:06:14 GMT
cache-control: max-age=84600, must-revalidate
etag: "b63fff218800c7656b8e454e97e74a0d"
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 2314
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YtwJqSyNOzKTmcWqpFr4sOq461NPFvfqJvgUrEaTK6VIqtYyKfePfA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
172.217.21.170200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 14:35:36 GMT
expires: Sat, 13 Jan 2024 14:35:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 235838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ
142.250.74.78200 OK 47 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ
IP 142.250.74.78:0
File type ASCII text, with very long lines (3216)
Hash 6386aa28c2c6edd1e1302a11b57bd5a5
473e9cd5647b1ec3755afbd493d80149b0e77ade
7038af37417af991bb4c197c6ee90460c94eb694719e8b27459d7f7f4d7a3372
GET /optimize.js?id=OPT-MH82HZJ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 08:06:14 GMT
expires: Mon, 16 Jan 2023 08:06:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese
142.250.74.106200 OK 533 kB URL HTTP/2 fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese
IP 142.250.74.106:0
Size 533 kB (532626 bytes)
Hash 0b58bbd1251a11637f289b7be7428cad
6673c1b1da60c3b04505d79264f3559a8c07cf0e
490b899d66f5de9052688a3c0d2c1dc3581253bc5645448a3b0d1477b2983317
GET /css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 16 Jan 2023 08:06:14 GMT
date: Mon, 16 Jan 2023 08:06:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg
143.204.55.80200 OK 227 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 132803e121eda15d5ccef28fd978aa8d
ef25f693f8da50c320e359e2aa543cddf5e357d0
a1d700b570a88b6f465b0f856f336c4094dd5f923c479aba7e333f6486f727c3
GET /6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 227
date: Fri, 06 Jan 2023 04:50:34 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "132803e121eda15d5ccef28fd978aa8d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jQKr9IIYshh9y_Qgqj0xaw94_vVRCkz1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 875741
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7jLHOWMEJA9SK5KpSZg6ZWq-H6CLdPIw6XJskjemkTacDzmUW9KgbA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg
143.204.55.80200 OK 349 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash cb24497241ce2a3ccdef0664ea0b077f
2e19280399b8c5425b49c9d35200c0dea56a22ba
e0e04a518393790a90b1525d2c1a58568ca8fb409bd7b79e3b4f123e4b5d3ca1
GET /6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 349
date: Thu, 05 Jan 2023 10:17:22 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "cb24497241ce2a3ccdef0664ea0b077f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jiyCO4iDNBm96yjl8q9n7YQDmMq9.Z8g
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 942533
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: btL6_1mDME8S550C4hSKoFTcoMHqgR-nZjjYT-sZApVAw_goh32hPA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg
143.204.55.80200 OK 628 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (400)
Hash 459d66b59ffcc9910d65c5ccb22274ed
580a6fd926d85533b9e9b967980744aa11f6f2c0
15bc2f3cbc2276bc7893820a25e490418301eab5f020958c38b84fda6726a1e1
GET /6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 628
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "459d66b59ffcc9910d65c5ccb22274ed"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: nPP.zDSTkA98QKUo4uRdUcTCHwHgoV1G
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 718754
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aEoSAUZyHppKVAh6ellyPs9vKrwJnOhl1GcTqj10r74hKSVkKw3mvQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg
143.204.55.80200 OK 888 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (660)
Hash 63e0f683d082f61b47299e7fd5a17559
a6fb47765826ac1dcf68303364c59465b3c0233b
efb636eb5e268b99f96898d11a1c1643ca6e6247b095a345fd7d9198cc4295b9
GET /6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 888
date: Tue, 13 Dec 2022 00:30:32 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "63e0f683d082f61b47299e7fd5a17559"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: u4h27iVgg7J0_MIUKJSkZNaLPDmwlL89
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 2964943
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v079QhaTa_aTH0pD861auanJHV5SoxcSJQpO43FD7Xylz4nVJ7Ry_w==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg
143.204.55.80200 OK 140 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg
IP 143.204.55.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1146x1974, components 3\012- data
Size 140 kB (140104 bytes)
Hash 8044e529d44882c2757dee105221a5ea
994e24144ed202ba20cf06a634c5ec6db5d99bc0
6c7c74df54748ca7a5405ad711d7f03caf71709a8d7fa804d7893848422082d1
GET /6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 140104
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "8044e529d44882c2757dee105221a5ea"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 6F9vCv9qo.2Y_F.MbYtjo0s9_3RRRE6O
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 718754
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mp_Q3DmHcf7phDq5phSdm18mTY28dI0v5jqvwfK5CYNA9QwJCJEXBg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b105909cd4d_line2.svg
143.204.55.80200 OK 189 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b105909cd4d_line2.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ece2d3a0c95f8a263d50dbd36665437c
f79987a28b6f0901d22b8ef7a9ff6d1246308823
27906d36a23d8a3572c59e32c569e11ca0bb2b393bcb4f014894a7d9e06ae1c2
GET /6107d6546b656bffc909cd26/6107d6546b656b105909cd4d_line2.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 189
date: Mon, 19 Dec 2022 01:46:04 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "ece2d3a0c95f8a263d50dbd36665437c"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: pQ0mk16nieL11n4W5PuV0uURMYM2kj25
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 2442011
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gQp_YMBcSS7ICyoimcaSZEZRkw9MgYtwgc7OuEb_TjNipPXtTBgL3w==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/627b7daca8c598bad5b61850_logo%20(7)%202.png
143.204.55.80200 OK 3.4 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/627b7daca8c598bad5b61850_logo%20(7)%202.png
IP 143.204.55.80:0
File type PNG image data, 210 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b39d5741f0e43fb11e055ab85c6536f
1f325edfc094b5359d169970380f93292b412bd7
65f1c35c6574b4d557120bce140f7c44ca8a2a1002a3a1ae1e23b070cc90ffeb
GET /6107d6546b656bffc909cd26/627b7daca8c598bad5b61850_logo%20(7)%202.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3352
date: Wed, 11 Jan 2023 02:13:40 GMT
last-modified: Wed, 11 May 2022 09:11:10 GMT
etag: "4b39d5741f0e43fb11e055ab85c6536f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 7_zgAiH86xbz_7ozG1LQ9k3rze14CKEo
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 453155
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2N9MiEHu-nDKq2cSI7Ehc5lwKYSIude3wviYk1XFk86LffvxEtIuCg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg
143.204.55.80200 OK 5.2 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg
IP 143.204.55.80:0
Hash 3a84e801dc50175d5a939c81e1828e58
8b0f045640d0f643a2371592d34179a565010a67
85c37bf9f0cc17948b5b8afdb727646f60ad76f20c797f82ed8f42290912a137
GET /6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 01 Dec 2022 01:28:09 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0f94244582317ca88b6421fb8f818105"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: .ODokhEdtaoajcVnEF5GpcZpfn32ksNj
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3998285
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EOkls2a12z6IoLw3EqkWPNgq1cFprBEVZlQVGa5dznnRcyk4BwOWug==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
142.250.74.168200 OK 86 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
IP 142.250.74.168:0
File type ASCII text, with very long lines (40283)
Hash 7b48689d04663077d8ce0b6f2773d8de
d78dc25893a3084663d0ec43bb7e14fadcda290c
5f66b2d769770a6bcb2961d42f359306f4affa6ab58ee40f7cd2163537de1cf7
GET /gtm.js?id=GTM-WJM8NRK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 08:06:14 GMT
expires: Mon, 16 Jan 2023 08:06:14 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 15b11e35a09abd98fadeca91a201cdbf
8c289371f63fdbb6e403513039e5215c93e34d69
df78b70e6443c35c983e55f18cfd3e331f1e95479d75f9116917ba7186cfb058
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130027
Date: Mon, 16 Jan 2023 08:06:14 GMT
Etag: "63c45e61-1d7"
Expires: Tue, 17 Jan 2023 20:13:21 GMT
Last-Modified: Sun, 15 Jan 2023 20:13:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4y2B_S4R-wvvV4KfK20LfjQ2J2eD5bC33Q4WhlQzYJHWR_BTPaIRbg==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8355c26ccb0302ef874be96819583bf9
36621afa107d2dcd7a500006fd99c30f35be7b47
a8bdadf563b8f100a5b0531c1b52b75dd9ff9f319092af68f54b2bc1174dfb92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8BDADF563B8F100A5B0531C1B52B75DD9FF9F319092AF68F54B2BC1174DFB92"
Last-Modified: Fri, 13 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2918
Expires: Mon, 16 Jan 2023 08:54:53 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
static.jeff-app.com/scripts/CalcContainer.js
34.141.72.9200 OK 1.2 kB URL HTTP/2 static.jeff-app.com/scripts/CalcContainer.js
IP 34.141.72.9:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 82ac2616e1d69dcd0f361dfa507de7cd
d8326f681a684a8302cddbcb7085373ee531a1ff
30d47546bd8f1370fc73cb343f4519f26feb84b140207ccda165177f8679f21e
GET /scripts/CalcContainer.js HTTP/1.1
Host: static.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 158200
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 14 Jan 2023 12:09:36 GMT
etag: "82e75acb51f12449f646f6a530c76cd5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPWSTP7WRA1N1X03M0768VJV
content-length: 1198
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20840, version 1.0\012- data
Hash 94caeafec8be6e13f12871d82c760e08
c474b99c4d820c33280983aabdade7498af82297
39f71bd192fef15e3ff9ed3e4ab1c336d6019d97e5a2b7cdcfb136176597c52b
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 17:20:16 GMT
expires: Wed, 10 Jan 2024 17:20:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:05:40 GMT
content-type: font/woff2
age: 485159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11412, version 1.0\012- data
Hash f0e8bb3cc78f81dd7e7b76a3b737f136
cb799376b9de709d13f2616f7ce9e38dc4c5b7c9
ce776e36ca591b5ae2ac1ef88f220a13dff461eb4ec3c2994d789853165effa6
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 05:44:42 GMT
expires: Mon, 15 Jan 2024 05:44:42 GMT
cache-control: public, max-age=31536000
age: 94893
last-modified: Tue, 19 Apr 2022 18:15:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12132, version 1.0\012- data
Hash d8c3fbd445568cc3464a7b83715eb02f
8fadbd8de214b29c7791b720e50cf3485ed06784
a26854f297793040b3587a207fbbaac3b61c4b4aaefda33b720e920251896a33
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:29:47 GMT
expires: Sun, 14 Jan 2024 18:29:47 GMT
cache-control: public, max-age=31536000
age: 135388
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11812, version 1.0\012- data
Hash 36c89462b574e7b2fb7eec0b957ba664
e051822b0746088706225243c3a4b5d1d18cdbe8
5089932a425db8912573a4808c785d2881ce9089791752eccd8d5d839c212acf
GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 17:45:47 GMT
expires: Wed, 10 Jan 2024 17:45:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:09:11 GMT
content-type: font/woff2
age: 483628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20136, version 1.0\012- data
Hash 74b2666cbba90c8f90a1fa4d2a0f98b7
d67ad16e9989c3af159a0870b909e0ae37f18c33
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82
GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 00:08:05 GMT
expires: Fri, 12 Jan 2024 00:08:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:13:43 GMT
content-type: font/woff2
age: 374290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2
216.58.207.227200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10436, version 1.0\012- data
Hash 2269542cdca293fec9e2fba673ad44dc
8e51c19e469e13c26a1ea847523f044c4e3fc5ac
7e200d0551f7d87d4c1a32ba265186be23494477b64a48accbf6198fe6e79956
GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 11:31:32 GMT
expires: Mon, 15 Jan 2024 11:31:32 GMT
cache-control: public, max-age=31536000
age: 74083
last-modified: Tue, 19 Apr 2022 18:09:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20816, version 1.0\012- data
Hash c89fa3b7b7560a9cc924364c3651fc21
0d36d701b1b9158145f5167799533f5f21a6c314
5fdd06615194a9a10ddc8b928c428e2dbb2b20ed70dfcafe40de89cddaf61f12
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 10:29:55 GMT
expires: Mon, 15 Jan 2024 10:29:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
age: 77780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12332, version 1.0\012- data
Hash 68f359110ddbab73367a98d657ad3ca6
22c9a18d7a470109b24124736b95f479aa152593
16f7f28cd79e331da4b267c4d9a440a07490d687037645987ea93a68edd9e11d
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:29:47 GMT
expires: Sun, 14 Jan 2024 18:29:47 GMT
cache-control: public, max-age=31536000
age: 135388
last-modified: Tue, 19 Apr 2022 18:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Hash feac5a03593138287f348533d7864f85
a6c0ba2cc99810388b245048d88d619b8d6bdf16
a7cc6e59d8515b32c8a24943605545663453210ed0f51005e6f259224d4c35a4
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 15:29:47 GMT
expires: Mon, 15 Jan 2024 15:29:47 GMT
cache-control: public, max-age=31536000
age: 59788
last-modified: Tue, 19 Apr 2022 18:06:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11100, version 1.0\012- data
Hash 891506a586c32ab1d43857d6455c9f9e
f32fa2f4d6e69a1796b9adebb837b23e2b52c79b
d0f14805c4f59ff808400de351404874309171b89d378b87de32719d04810b49
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:29:47 GMT
expires: Sun, 14 Jan 2024 18:29:47 GMT
cache-control: public, max-age=31536000
age: 135388
last-modified: Tue, 19 Apr 2022 18:12:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11176, version 1.0\012- data
Hash 1fb73ebec7849f13b133f22fa96a1956
3d1bfb246b36da591fb64147941f2141870d1733
fe0e476d081283bccd12deb3adf743da1a7b9b05ec96b9cfab3a300c29430069
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 18:29:47 GMT
expires: Sun, 14 Jan 2024 18:29:47 GMT
cache-control: public, max-age=31536000
age: 135388
last-modified: Tue, 19 Apr 2022 18:06:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20640, version 1.0\012- data
Hash bb55f11c4c165aff6990136ead59fc1d
411672d0fd1e86b6024ab44ec7ee5c21b91816eb
ee0eab7c78914d952b5119684d1aed29aec2707fe7cc1b1bb75771fe87ca68b4
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 04:48:30 GMT
expires: Wed, 10 Jan 2024 04:48:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:10:40 GMT
content-type: font/woff2
age: 530265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21208, version 1.0\012- data
Hash 74f93ec1a48da90748c0be825f5d5e91
2c5f5bc8dbb17f0599726820e09c4b6383bdc25d
9a6403be855cf28f8fc7eb0ec377f8fe84e4508da830f6a1cffe96040d3c48ec
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 05:16:57 GMT
expires: Mon, 15 Jan 2024 05:16:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:14:56 GMT
content-type: font/woff2
age: 96558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Mon, 16 Jan 2023 09:16:29 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
143.204.55.80200 OK 14 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (563)
Hash 84e5a28006af21d441c6f5d6aeba274f
b7c815cfc0d537d892ead2ae4896f5b719b91f90
fd130dbb0aab6a2d5c917900b496656f340b4afb81ba6ba882344edbc96797f4
GET /6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 05 Jan 2023 09:13:59 GMT
last-modified: Mon, 20 Dec 2021 18:53:28 GMT
etag: W/"fac34ae20c20c5797b16e98a6037501e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: XtJG1xIfC3_oAEC_jmId_Ai9gImM0CTR
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 946336
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8FctxH9Ket3RNWy7M1HBlZIGhncgzrNCBbpH27mU6_nC89G7NiRgFQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg
143.204.55.80200 OK 23 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg
IP 143.204.55.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (741)
Hash 1575e4c643bb68ccb55b3c3530b2b180
4b1252ec9928eb2fd9459c2c1c6d717114635b1b
96fbb8d36cbbde69ab7861940bbe7d933b3b376d1839bc1b09b3fe56ab431e50
GET /6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 05 Dec 2022 17:15:54 GMT
last-modified: Tue, 14 Dec 2021 19:29:25 GMT
etag: W/"3ab8863711cd31b29be9ac7c209a322d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Qbfc7DfZevSEAcMikzhL8QhJlEf3FCGK
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3595821
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YoY2CrtjRwh6lYesA54CRZi159_7jVhSR-MalXZiV9tvs0Y2Hug9-w==
X-Firefox-Spdy: h2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
143.204.42.231200 OK 52 kB URL HTTP/2 d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
IP 143.204.42.231:0
Hash b159f66d61e4fb27f384f30ace68e5aa
21d777f4e2ff1d6f78d13ba2b6a09e45854b919f
afac5b3f34bbb7b486c507af5db8333d2ebf52a36c71b99d85bd479c1884b0f8
GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 15 Jan 2023 10:47:19 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
age: 76741
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Jp5VoFiaDpSlIv3-6d_njxOcwiU8Nho-23aafLLScpPQQr19yYWTQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12352, version 1.0\012- data
Hash 2ca7d93b0f3cf6fb8acc7a57cfb855a9
4862b5d3df3b4b1e343fa1f72ecaf23bbe4c4130
5c74d26fa05df23036cb8406bc0f4f719d0004fd0fd671304286dee3c68f781e
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 04:16:47 GMT
expires: Tue, 16 Jan 2024 04:16:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:03:24 GMT
content-type: font/woff2
age: 13768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1d929710bbf5d3a500cff064fa28e5
f76fade4eba5e5740d1261a2bce7776719ee477f
bb0b45ede28406534c236881abe011a1b8162a1bcb4cbe61320c613fec5d0010
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7986
x-amzn-requestid: 366be46e-97f4-4bdc-8341-5bf87438ad86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbPvEezoAMF6ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47264-7eef208b3ec703b82d792537;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _cMoPRYYqsc6B6TWFkmrfDMCleAW2jWn5FXGmjay279Bf3tppH60hQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:04:21 GMT
age: 36114
etag: "f76fade4eba5e5740d1261a2bce7776719ee477f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Mon, 16 Jan 2023 09:16:29 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Mon, 16 Jan 2023 09:16:29 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a14364fe2ad784ef5db2ea66dcf18dba
3274bc2a0b6e41d6f44e31ab0e233f79677079d3
40ffbf3dd157214eb918c6babf69b94f657f354337001f0b7e06930bf6a47aae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7291
x-amzn-requestid: 153fdafd-e094-4261-8202-065208ed543e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOMGuxoAMFkJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-68ba19037f23dae033513080;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dCzcLSv-R9QxYnx_d6iQJBWnYuZIIsHlwdKj4N_8yNlNHiSQ7RDDVQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:45:02 GMT
age: 37273
etag: "3274bc2a0b6e41d6f44e31ab0e233f79677079d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Mon, 16 Jan 2023 09:16:29 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cff4cbad17919648f62b3582f49c404b
65b8056061916928e309bb983129353a577c2b89
f6ba13b6fd5a6a39f0a34b406b39471f02c6f5fd72813db64585a8e795ec44a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: c14aa47a-3e94-491a-95ab-beae1f5bdb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbKtFrIoAMFt5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47244-3a6b3c4b4b35ba8f57aa449a;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: quy8cULp0c0o6cHatiXz8R9t9hvQyus52_hOWSReahePmcxb6hOT4A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:26 GMT
age: 36709
etag: "65b8056061916928e309bb983129353a577c2b89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Mon, 16 Jan 2023 09:16:29 GMT
Date: Mon, 16 Jan 2023 08:06:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4fcbed1f27bccb1f8b6fe4c9efde16f
2b2b272f1712319a5de86f8fac3f73b23e5ef4b0
d33384b6a4f1f5a5ee73643dd86161fe59dfe9d27af4483ffef2e28693e62ee6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3845
x-amzn-requestid: 4b8fa830-dad5-4f44-addd-2fcee42f417e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: excEMFt1oAMFeOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a6e7-703ffebe0297428c35eabdb6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:10:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wMmYR9yEPelW_Q5_tnImorkseC1tr0EcDvNHeYBpNWB6l47og9HC5Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 07:28:34 GMT
age: 2261
etag: "2b2b272f1712319a5de86f8fac3f73b23e5ef4b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:06:50 GMT
age: 35965
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 31aa4a4eec75afec5ac1a229478d4ef0
f419c6175a4d2c10f432b50cd395ca129a05b1ba
4fe808eccb1d226cd7adbf4ccd2d98a2af3501b346a33e611eaf26830d704898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 854
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Last-Modified: Mon, 16 Jan 2023 07:52:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3564c3f8-6384-4420-a3b3-d060b8324eef.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3564c3f8-6384-4420-a3b3-d060b8324eef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba954510928a547a0b65833f87b0acf1
5746f59a27f97ca73d2c241c1580000957074c54
960d0c8bcb3085d3b5be0ad0f08597160cde3e2945aaad9a59a4434ccc0fd9f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3564c3f8-6384-4420-a3b3-d060b8324eef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7596
x-amzn-requestid: 225cbfa3-2597-4998-9b8a-a8888d1799f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbQgGPxIAMFUfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47269-33398b305db48e6801f0f323;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQPO4JTEgixpxf277NbMfvdB46jSxutEUmCZtVE0Zilp1mkw7jGdIA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:04:21 GMT
age: 36114
etag: "5746f59a27f97ca73d2c241c1580000957074c54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ac39c8ee2583f836a6c40bc29abd389
a4ce5cd6dcb347d634b4acd135710d6e5b81005c
399250bc0c0f2a2929d03e37f460b84b9201d06b758e7bbc6c9ba482c3ed35b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753?
142.250.74.134200 OK 317 B URL HTTP/2 11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (591), with no line terminators
Hash 2d16c0d748b2456499cc86092168f686
4a32b6056c3d0272e05df85a6aa88711fd4a7334
447289e4d6f8084d9939d55f53cb16ec6463292cc9f51c5de934a38f55d905e9
GET /activityi;src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753? HTTP/1.1
Host: 11882785.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 08:06:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 317
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 08:21:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ac39c8ee2583f836a6c40bc29abd389
a4ce5cd6dcb347d634b4acd135710d6e5b81005c
399250bc0c0f2a2929d03e37f460b84b9201d06b758e7bbc6c9ba482c3ed35b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c20ed06ebeba0785f1358d94b968cfdd
7611f10b018de0413546fae39a79bfe66cba2e9b
fb0b5f228f4a0f0c726ed79b6c8861e4a414da43e03230fbb2e768af8f0bc001
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169545
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c4e812-1d7"
Expires: Wed, 18 Jan 2023 07:12:00 GMT
Last-Modified: Mon, 16 Jan 2023 06:00:50 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: auYL3rMUTp32j1WVN__Jc3xMlC1RaLF759rfEExqjObdG87F9Grhtw==
Age: 4270
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 058d0cf50947e981c3ae32201805d095
6157ec725eb52fe651d1e836475d70bb83d59164
03bbe4ee51a1cf912f31a77a5b267d540e5717873fe15c748f41edcd1f615d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5462
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c3de51-1d7"
Last-Modified: Mon, 16 Jan 2023 06:35:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753
142.250.74.34200 OK 316 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (590), with no line terminators
Hash c6c737a2b76a578a68082e3f790ab66e
a7f07312c85f4be2eacd9252f8d11da420dd41cc
4f9f23f3a9b4694bc20208e57a77b138586d6f53f6d6dd2b2aa3ddadb389f62f
GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11882785.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 08:06:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=5002252367166;gtm=2wg1a1;auiddc=1756940801.1673856376;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 08:06:15 GMT
expires: Mon, 16 Jan 2023 08:06:15 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ac106138e60fd3df8b402bc9165d54d5
6c5ba34d78081412e70ac575caa8594148ffe549
42cc7084aeef4d3b3f5228c2b229e22918357c9817663e06ecb9668f6b0317bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c4015a-139"
Last-Modified: Mon, 16 Jan 2023 06:19:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OL-awF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRQdSUyRkFhbmczU3ZjVnA5czNJQVR6NlQ; expires=Sat, 10 Feb 2024 08:06:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 245469
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ad746fba386f0ced602b937f1b70670b
593c0bf1b72fa4efd33648659c3d65f97e9f4f4c
d70e4428144aa64e6b60e483beee4af0bab0d595ccf7c965562f5bc04ab94c7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=165482
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c4d1a7-139"
Expires: Wed, 18 Jan 2023 06:04:17 GMT
Last-Modified: Mon, 16 Jan 2023 04:25:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ad746fba386f0ced602b937f1b70670b
593c0bf1b72fa4efd33648659c3d65f97e9f4f4c
d70e4428144aa64e6b60e483beee4af0bab0d595ccf7c965562f5bc04ab94c7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=165482
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c4d1a7-139"
Expires: Wed, 18 Jan 2023 06:04:17 GMT
Last-Modified: Mon, 16 Jan 2023 04:25:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 15b11e35a09abd98fadeca91a201cdbf
8c289371f63fdbb6e403513039e5215c93e34d69
df78b70e6443c35c983e55f18cfd3e331f1e95479d75f9116917ba7186cfb058
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130026
Date: Mon, 16 Jan 2023 08:06:15 GMT
Etag: "63c45e61-1d7"
Expires: Tue, 17 Jan 2023 20:13:21 GMT
Last-Modified: Sun, 15 Jan 2023 20:13:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bO1u7CrHqN3TzwEDQPy2kt3dsKifZ0fSr7A5nBwH6eK3Pb6whp5zdQ==
ag.gbc.criteo.com/newidsd
185.235.84.130200 OK 1.5 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.130:0
Hash 10811233039424306d67a8af0855924d
94fd6c88364127d7eee11594a9152ccf66c77d9b
6a0d70c041db63da304a5545a230529b28671730717e932926b5e4ca32fb0b2d
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 124212
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png
143.204.55.80200 OK 6.8 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png
IP 143.204.55.80:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 91d673117e2a381f4f31bcfea2defd05
802fbc599fae6d5e85e8c26069c9866390aea81c
2406055062edbe53407e63e3949ab4f4d945c5d2be748171163cab174464fc15
GET /6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6840
date: Mon, 12 Dec 2022 11:08:24 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "91d673117e2a381f4f31bcfea2defd05"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: qsphhL6ln.fw2lXhI0Z..SLYKZVg1SFv
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3013073
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u2Ml88QmJAIvLdCqWE5nw3PcQ5nEfk2RCxIQcXNZvL5NcHUOsyHWOw==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png
143.204.55.80200 OK 546 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png
IP 143.204.55.80:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d3b64a42ca66fa9345e360b54a50059
c427d4a18ac2b9ca6b8a57e6e86c9293d424eb61
0797988ad3ff6e5a9818ec8637d60b6fbc67525cdf7eabbe38e78e7443c03f9a
GET /6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 546
date: Wed, 14 Dec 2022 07:29:23 GMT
last-modified: Tue, 14 Dec 2021 20:01:23 GMT
etag: "8d3b64a42ca66fa9345e360b54a50059"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 8MwK.0QGsjy.IVILxs2yFuZY6K_Dd3IJ
accept-ranges: bytes
server: AmazonS3
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 2853414
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bqp4OY93Dm_Ah6f6yhOmWiBCXrkyn_KhWTqMEGRPy18iv-yuKrdSCQ==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d83c765662df524132d7cfe71679912c
fafecf5484e6c9361556d017779b9d9a54ff7618
9871c526c928c7061e11b86ee7412cc7e06ddc0af759b691b6e554985f11291c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154109
Date: Mon, 16 Jan 2023 08:06:16 GMT
Etag: "63c4bc75-1d7"
Expires: Wed, 18 Jan 2023 02:54:45 GMT
Last-Modified: Mon, 16 Jan 2023 02:54:45 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SJll9xnN39CUv-KQeOGqSLHT47RnfVS4b-rA9MuN9PamAhJxs7Dk8A==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e1c289b5f7d586f7b804f39087b609e7
c4b16d5bfffd2b63158daca05ba9e5c7c8eb441f
80942ad39b9202e4a8a137efc663a6c3f1a1b1acc6cd5330a5e93d31cd1f398a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 08:06:16 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x-gjlC4bOG8fdHY-aoH4k_RpcsRi3HG3qWmms3FNwLL9dYjOXyzF7Q==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 490da53280cc0fa01d2f96982ef0d440
24b4e5a319373a5058d798c9b115317568062a8d
50c83654f33d3d35202f7682ed2c593c165577cf47fcc1176dab8065c92dd87a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5460
Cache-Control: max-age=131507
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:16 GMT
Etag: "63c44ed7-1d7"
Expires: Tue, 17 Jan 2023 20:38:03 GMT
Last-Modified: Sun, 15 Jan 2023 19:07:03 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
api.jeff-app.com/lead-api/web/collect
3.111.178.110200 OK 0 B URL HTTP/2 api.jeff-app.com/lead-api/web/collect
IP 3.111.178.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lead-api/web/collect HTTP/1.1
Host: api.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:16 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.jeff.vn
access-control-expose-headers: Authorization
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e1c289b5f7d586f7b804f39087b609e7
c4b16d5bfffd2b63158daca05ba9e5c7c8eb441f
80942ad39b9202e4a8a137efc663a6c3f1a1b1acc6cd5330a5e93d31cd1f398a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153374
Date: Mon, 16 Jan 2023 08:06:16 GMT
Etag: "63c4b996-1d7"
Expires: Wed, 18 Jan 2023 02:42:30 GMT
Last-Modified: Mon, 16 Jan 2023 02:42:30 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3X7vuSPMqbmsmrL2I5LtO6oXEiobc24xbyirhtzIq4_4Q7YfX9SMPw==
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
3.6.243.1200 OK 0 B URL HTTP/2 sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP 3.6.243.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:16 GMT
content-length: 0
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3N9QeOQPxOa635bRCavXj3XOLjGnpapJN5RqNAwXq2LBHsidbfOp7g==
age: 3813854
X-Firefox-Spdy: h2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
3.6.243.1200 OK 2 B URL HTTP/2 sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP 3.6.243.1:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1057
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Cookie: _gcl_au=1.1.1756940801.1673856376; cto_bundle=xS5Qy19GUzJCdmppM2d6V25nbmJDdmZrYWs2Y3YxMW8xaE5IdFRoZlB3amVvTzBMc0VpNnQlMkJKek9FMDFxZUE2NDVJYXo2UU1iMDQzaXk0WlJ5UFVBbEtSUjhDSmtCQ2JXbmdEVktCSnJQakpGSCUyRkUlMkZURVpSU1lLdzllalhZTGslMkJvR29u; _sp_ses.4563=*; _sp_id.4563=9aa2877b-dab7-4476-978b-6a15a060ba49.1673856377.1.1673856377..39c5ef46-824d-4c53-b72b-bb6577f128ca..771be621-0f07-4c52-a72f-e20d0ecbf5e7.1673856376680.1; utm_source=publisher; utm_medium=cpc; utm_campaign=Leadbit-CPL; utm_content=118753; utid=63C505747EED7B6E0A0B73CC; publisher_name=Leadbit-CPL; publisher_click_id=63C505747EED7B6E0A0B73CC; query_params_json=W3sia2V5IjoidXRtX3NvdXJjZSIsInZhbHVlIjoicHVibGlzaGVyIn0seyJrZXkiOiJ1dG1fbWVkaXVtIiwidmFsdWUiOiJjcGMifSx7ImtleSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiTGVhZGJpdC1DUEwifSx7ImtleSI6InV0aWQiLCJ2YWx1ZSI6IjYzQzUwNTc0N0VFRDdCNkUwQTBCNzNDQyJ9LHsia2V5IjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IjExODc1MyJ9XQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:16 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=869399b0-72c9-454d-8e3b-df17017b9623; Expires=Tue, 16 Jan 2024 08:06:16 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2
script.hotjar.com/modules.0a5831f9446624640839.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.0a5831f9446624640839.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (47958)
Hash c190d47cd0259bc45c4cf36c6c1a261a
a4d82aab61799b506dcaa84753e481eea33547ad
8593a0bee7b36326e5243a3eb4f70618a602a1d3646e732567ce05f7cda2c7cb
GET /modules.0a5831f9446624640839.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68992
date: Thu, 12 Jan 2023 12:30:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "c190d47cd0259bc45c4cf36c6c1a261a"
last-modified: Thu, 12 Jan 2023 12:29:16 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wib_RkysLzK1R1_T_zbFX5gSAdF5mseEmv9PurHPfgmDiHTgSRKhMQ==
age: 329770
X-Firefox-Spdy: h2
za.zdn.vn/v3/za.js?19373
120.138.69.5200 OK 7.9 kB IP 120.138.69.5:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (20288)
Hash f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9
GET /v3/za.js?19373 HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 08:06:16 GMT
content-type: application/javascript
content-length: 7910
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
etag: W/"61dbf878-4f41"
content-encoding: gzip
age: 2426
access-control-allow-origin: *
X-Firefox-Spdy: h2
page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
49.213.114.167200 OK 1.7 kB URL HTTP/2 page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3695), with no line terminators
Hash 45ac1a3dd4f84d427eaa8284843d35b5
87f7de4a411f924aef7c1259311b3f8924a493f3
d550ce7a182aabaf1f8cf3c085a9570fb9c933ea69f2515344db1795605291ec
GET /?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-length: 1721
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
za.zdn.vn/v3/za.js
120.138.69.5200 OK 7.9 kB IP 120.138.69.5:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (20288)
Hash f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9
GET /v3/za.js HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: application/javascript
content-length: 7910
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
etag: W/"61dbf878-4f41"
content-encoding: gzip
age: 2427
access-control-allow-origin: *
X-Firefox-Spdy: h2
page.widget.zalo.me/static/js/cphandler.js
49.213.114.167200 OK 2.3 kB URL HTTP/2 page.widget.zalo.me/static/js/cphandler.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with CRLF line terminators
Hash e02df3ae5979d6de788855361ac9bbda
31e91f3c2fc467f95fe9a55206a39d554c41e005
2ba7f537cfd492f21b02ee954827b8db82ceaac1699695f5b1c3719d4dc07207
GET /static/js/cphandler.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: application/javascript
content-length: 2279
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/js/zinit.js?v5
49.213.114.167200 OK 900 B URL HTTP/2 page.widget.zalo.me/static/js/zinit.js?v5
IP 49.213.114.167:0
ASN #38244 VNG Corporation
Hash 562ebdb09ae3d87ce07b643e4e23b5d5
897f82c06b6f72452ff474bd14c27ba4460fed7c
c2139788118e243dc0c322959e5404b29ba73fbee0605c890fda2dc37d1ef764
GET /static/js/zinit.js?v5 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: application/javascript
content-length: 900
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: max-age=142767
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:18 GMT
Etag: "63c47e8f-1d7"
Expires: Tue, 17 Jan 2023 23:45:45 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
49.213.114.167200 OK 38 kB URL HTTP/2 page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (65536), with no line terminators
Hash ac42d49a4172c1a3c053e6e787ad7218
1962dc0f96acf952775c05ae77ffc4e8665163df
5845266262d5f3b73fa12fa9e152a68700b4cf2e5608256ec0389d5c1ef40708
GET /static/static/css/main.607e1b85.chunk.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: jhb2bcAiYkXFCMltQlTz+kxnduWd7quHu2Ngt7I9EJ47lMtkpp0QblwNQhTq9cXvAwCvXSRDOP97WJGAEsK10Q==
content-length: 27815
x-fb-trip-id: 1904183273
date: Mon, 16 Jan 2023 08:06:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: max-age=142767
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:18 GMT
Etag: "63c47e8f-1d7"
Expires: Tue, 17 Jan 2023 23:45:45 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1673856378316
49.213.114.149200 OK 0 B URL HTTP/2 za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1673856378316
IP 49.213.114.149:0
ASN #38244 VNG Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1673856378316 HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:18 GMT
content-length: 0
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
za.zalo.me/v3/w/t
49.213.114.149200 OK 193 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash b381e9cb879e4fd54bb4d08fd13731b7
411c260343ba30f64aee658b9a15b39070bf525b
9b5d9d120d909d8975097d13fa4cd03fb008696e70f48c47bdb5ad542e842640
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 316
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:18 GMT
content-type: application/json; charset=utf-8
content-length: 193
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
set-cookie: __zi=2000.VPtvheCV6jGvZl6qdrj7d3oD-xEVKadJEeFx_9PHIDCrZlpzCG.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.VPtvheCV6jGvZl6qdrj7d3oD-xEVKadJEeFx_9PHIDCrZlpzCG.1;Path=/;Domain=zalo.me;Expires=Sun, 05-Jan-2025 08:06:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
49.213.114.167200 OK 63 kB URL HTTP/2 page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (65536), with no line terminators
Hash dc119cd0eaa3f8f333b51baa9a56cf8d
3fe63b718d9dc1143375b19658186817614fb875
d4e47681169ab880f093e173f46122c4ebf16e85e367408f27aaea9051c8a0de
GET /static/static/js/main.bdb050eb.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=b557f7a8-2461-40ab-864d-4084e49dce33&sid=a83af120957411edbf5f23e0597affe8&vid=a83b10e0957411eda1d9d7006bb9f576&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753&r=<=3147&evt=pageLoad&sv=1&rn=65730
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=b557f7a8-2461-40ab-864d-4084e49dce33&sid=a83af120957411edbf5f23e0597affe8&vid=a83b10e0957411eda1d9d7006bb9f576&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753&r=<=3147&evt=pageLoad&sv=1&rn=65730
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=149005296&tm=gtm002&Ver=2&mid=b557f7a8-2461-40ab-864d-4084e49dce33&sid=a83af120957411edbf5f23e0597affe8&vid=a83b10e0957411eda1d9d7006bb9f576&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63C505747EED7B6E0A0B73CC%26utm_content%3D118753&r=<=3147&evt=pageLoad&sv=1&rn=65730 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1029AF779F476EA62E8DBDEC9EB26F79; domain=.bing.com; expires=Sat, 10-Feb-2024 08:06:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80F65728E2C2421F91496C0F9003D41F Ref B: OSL30EDGE0508 Ref C: 2023-01-16T08:06:18Z
date: Mon, 16 Jan 2023 08:06:17 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/149005296.js
13.107.21.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/149005296.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash ec7a2e2ee5b3f11be7ed9d5abdc9004f
0b22e27e8b1e950b78143dd45661742a704c4a06
a45499257416e78f4f378ccfa9bbd66e47d0ba46db8b79a9d1177694c029dd68
GET /p/action/149005296.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1447
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=1E4157E93ECD6AC729CF45723F386B83; domain=.bing.com; expires=Sat, 10-Feb-2024 08:06:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B41FC96E929547709D4A24EA9E1A29E4 Ref B: OSL30EDGE0508 Ref C: 2023-01-16T08:06:18Z
date: Mon, 16 Jan 2023 08:06:17 GMT
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 110 kB IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (64360)
Size 110 kB (110234 bytes)
Hash 65ffd58f81326a6de330818e7d2e785e
43b6a29fbab17527af0cd350616d5ab56f2ec842
4ee695a84d6cd2b8d612a03779d0f8afcd18af357d4dfbb7b8a93eecdd8b0200
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=OL-awF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRQdSUyRkFhbmczU3ZjVnA5czNJQVR6NlQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=4I-5Ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRPd3hQaGNYN0ExMVhzQW92amFrV3BE; expires=Sat, 10 Feb 2024 08:06:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 387877
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
za.zalo.me/v3/w/t
49.213.114.149200 OK 951 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type gzip compressed data, max compression\012- data
Hash d4fc1e51ce8c1709fa37402e1468ae32
022665cdf88a3f4a2ae12913a38599c409aa1f2a
7c4106a501f80ea1d7717eb2712ea1f1d34318699e0519a0e6c5b621602b541c
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 585
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:18 GMT
content-type: application/json; charset=utf-8
content-length: 177
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
set-cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1;Path=/;Domain=zalo.me;Expires=Sun, 05-Jan-2025 08:06:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
sp-zp.zdn.vn/sdk-server-1.0.0.js
120.138.69.12200 OK 2.9 kB URL HTTP/2 sp-zp.zdn.vn/sdk-server-1.0.0.js
IP 120.138.69.12:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (1569)
Hash 374d60c509f50bf1c19bd22baf9f48d4
51edea09de7d6cca92e113afeb8eb04bcb3a8a34
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6
GET /sdk-server-1.0.0.js HTTP/1.1
Host: sp-zp.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:18 GMT
content-type: application/javascript
content-length: 2889
last-modified: Fri, 26 Aug 2022 06:58:29 GMT
access-control-allow-origin: *
accept-ranges: bytes
age: 18567
server: ZDN
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
49.213.114.167200 OK 238 kB URL HTTP/2 page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (65462)
Size 238 kB (237922 bytes)
Hash e0defb0eec89110d3250c921c88a7e39
66974b7fb9e9042e4c0e15ff2645dd6763cc3c7e
07eca7bdfde65df42083049c26ed4731810b6b6a302f86f6b8e97a7a12949668
GET /static/static/js/2.7b346dac.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.237.53200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56646)
Hash 66bec5cf19258f21f546dafbd8fbac89
9ad80a56291ca677990c37c376631d3ff74e0234
fe223664aef7e529023cbb3ee1920a439abcd1f70bd6ce9554a6fb6ca9e565fb
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9162aa06b059e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0T6nEYwAAAADgi5DY7iAvTLSXvzS8ZdKtRlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0egXFYwAAAADDBbSeEtcRQJTqWTj9fpAKQ1BIMzBFREdFMDQxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 16 Jan 2023 08:06:18 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 42306
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Mon, 16 Jan 2023 08:06:18 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 97f3f987a13f2922ed0ca2c16f257cb3
dae88e8b5448337911d2e0c74563283f9b876918
724857636082b7a2d88671182cdefc72c76f6200e604b4d6db432bf8c6b79cb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170652
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:19 GMT
Etag: "63c4fd17-1d7"
Expires: Wed, 18 Jan 2023 07:30:31 GMT
Last-Modified: Mon, 16 Jan 2023 07:30:31 GMT
Server: nginx
Content-Length: 471
px.dmp.zaloapp.com/static/zdmp_tr_px.js
49.213.114.180200 OK 2.6 kB URL HTTP/2 px.dmp.zaloapp.com/static/zdmp_tr_px.js
IP 49.213.114.180:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (2647), with no line terminators
Hash 3ef744e78aeed6156b780503bd74bb97
5f2ea6ef1c85a8b0e01896f0a72e38e4a7ee9ece
0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6
GET /static/zdmp_tr_px.js HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:19 GMT
content-type: application/javascript
content-length: 2647
last-modified: Tue, 27 Dec 2022 07:33:52 GMT
etag: "63aa9fe0-a57"
accept-ranges: bytes
server: za-ngx-srv
cache-control: no-cache, max-age=0
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/zuser
49.213.114.167200 OK 57 B URL HTTP/2 api.widget.zalo.me/v1/zuser
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e9590827921ed67322cbbfcdb754ff1
392279ecefe6f8f88aa223e79206e65891249883
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
OPTIONS /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:19 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/oa?oaid=1841675626203250178
49.213.114.167200 OK 564 B URL HTTP/2 api.widget.zalo.me/v1/oa?oaid=1841675626203250178
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (557), with no line terminators
Hash f3dcee426105f92a31c0432edca1af3e
bf263012b0928fe2b5fa86e87c1bd4dd5c87e319
ac0e834de60cb3e4210b85853319150e0206a13cefc8d95cee0400b9961f2319
OPTIONS /v1/oa?oaid=1841675626203250178 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:19 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:51:59 GMT
expires: Thu, 11 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 432861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 00:55:57 GMT
expires: Mon, 15 Jan 2024 00:55:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
age: 112223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 390746
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 14:50:08 GMT
expires: Wed, 10 Jan 2024 14:50:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
age: 494172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1&anoTok=NdqLyA_arCPFSn3pfUFRnKHi2h7xxSE767u0h-cfW8a0EqMwuA23Y00qIBuvC7q
49.213.114.149200 OK 145 B URL HTTP/2 za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1&anoTok=NdqLyA_arCPFSn3pfUFRnKHi2h7xxSE767u0h-cfW8a0EqMwuA23Y00qIBuvC7q
IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 21b46aef5526e255db062793b6369074
7d4b3c36063e7d06ec047054122a9eace158b266
c1e3c96f31f936588f9f1ec8e1609ef13a90ab260a79ca3f0b6bf37a87f35106
GET /gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1&anoTok=NdqLyA_arCPFSn3pfUFRnKHi2h7xxSE767u0h-cfW8a0EqMwuA23Y00qIBuvC7q HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:20 GMT
content-type: application/json; charset=utf-8
content-length: 145
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
page.widget.zalo.me/static/images/2.0/Logo.svg
49.213.114.167200 OK 1.3 kB URL HTTP/2 page.widget.zalo.me/static/images/2.0/Logo.svg
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (696)
Hash 311478921d5ccfd5f26fdc6776a2c45a
6d42312fd69c96c77d7fc7104c943f4c8292e0c4
6dca0db9475a15c27d0f49161912ca1dd402f9094f71063aa3b34d8dce24b781
GET /static/images/2.0/Logo.svg HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:20 GMT
content-type: image/svg+xml
content-length: 1343
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.157200 OK 183 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.157:0
Hash 5cd4dd1b92e3cbf5f17becf45240a0ea
a6af7f17acd42c77068355e66ad65bc92fc53794
fe000b086923c8102459ff58c0eb2dfc3cb2d2372d7eac6028bf409825f6b2f9
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107106
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2
49.213.114.167200 OK 169 kB URL HTTP/2 page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size 169 kB (168768 bytes)
Hash d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
GET /static/css/fa/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:20 GMT
content-type: font/woff2
content-length: 168768
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2
49.213.114.167200 OK 184 kB URL HTTP/2 page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type Web Open Font Format (Version 2), TrueType, length 184144, version 331.-31261\012- data
Size 184 kB (184144 bytes)
Hash de11da0fb48a14c9cbc05b0a24ed6efa
878cd08a06b335d95826e813e0a8777e28a76d04
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
GET /static/css/fa/webfonts/fa-light-300.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:20 GMT
content-type: font/woff2
content-length: 184144
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1956
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Mon, 16 Jan 2023 08:06:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b058ba6cf101a8518ff7d86a7807a0ca
0ecc57fb5a0b0202dd5ec15dc8bf18259fa7a955
c128f4e31bfa291173ce46b17e417757367d366ca786a3174c4a457cd13a3a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5331
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:21 GMT
Etag: "63c36dce-1d7"
Last-Modified: Mon, 16 Jan 2023 06:37:30 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b058ba6cf101a8518ff7d86a7807a0ca
0ecc57fb5a0b0202dd5ec15dc8bf18259fa7a955
c128f4e31bfa291173ce46b17e417757367d366ca786a3174c4a457cd13a3a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:21 GMT
Etag: "63c36dce-1d7"
Last-Modified: Mon, 16 Jan 2023 07:23:58 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b058ba6cf101a8518ff7d86a7807a0ca
0ecc57fb5a0b0202dd5ec15dc8bf18259fa7a955
c128f4e31bfa291173ce46b17e417757367d366ca786a3174c4a457cd13a3a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2488
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:21 GMT
Last-Modified: Mon, 16 Jan 2023 07:24:53 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b058ba6cf101a8518ff7d86a7807a0ca
0ecc57fb5a0b0202dd5ec15dc8bf18259fa7a955
c128f4e31bfa291173ce46b17e417757367d366ca786a3174c4a457cd13a3a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=154831
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:21 GMT
Etag: "63c4bf4c-1d7"
Expires: Wed, 18 Jan 2023 03:06:52 GMT
Last-Modified: Mon, 16 Jan 2023 03:06:52 GMT
Server: nginx
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a76dfabd1b1a4be07a8f20c5beeed1e5
d53e914a4967cb214161e9c6d6885384cce2c19e
769534c59ce01cdff3ff60f792db4a975eeca3d101d79b0e2d8e94b4e19da583
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7820
x-amzn-requestid: 4655d49f-9376-4f60-bd81-cacef32798a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etkuvFANIAMFZ-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2a-53fae20e204d44c801a5aa8e;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: taJKDvcq634PIyhQmsGOIEINUA3MgqJalDaKKDvlO-EfHOv69M5BaQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 05:41:06 GMT
age: 8715
etag: "d53e914a4967cb214161e9c6d6885384cce2c19e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fa6db08aea08c8f64f7f927056520af8
4f05a22b91fb73cc25930b25170b52b998b392f5
8798217dfab892e2ae780957aec6440c9ae8a62943438f01905ab43d33faee5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1500
Cache-Control: max-age=141604
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 08:06:21 GMT
Etag: "63c485c5-1d7"
Expires: Tue, 17 Jan 2023 23:26:25 GMT
Last-Modified: Sun, 15 Jan 2023 23:01:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
sp.zalo.me/plugins/sdk.js
49.213.114.132200 OK 0 B URL HTTP/2 sp.zalo.me/plugins/sdk.js
IP 49.213.114.132:0
ASN #38244 VNG Corporation
GET /plugins/sdk.js HTTP/1.1
Host: sp.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
content-type: text/javascript;charset=utf-8
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
54.230.111.20200 OK 0 B URL HTTP/2 clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
IP 54.230.111.20:0
GET /core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js HTTP/1.1
Host: clientcdn.pushengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 16 Jan 2023 08:05:51 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a5ZhL_RVVtkKh3EkJI__B3vjceZz5_7ww6OMXJ4_TCiVojRzBZm9DQ==
age: 23
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg
143.204.55.80200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg
IP 143.204.55.80:0
GET /6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 09 Dec 2022 09:54:28 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"312f73f9d116b50e2aa65bea96d932a0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: gZE.0bXdriCNJlCWYrhY_XehgFydewEt
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3276707
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jCrIhdNm34jay54npuQyZWyCiDj4sFEOgmW4i5dEQ3Xi66D7dS22Qw==
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2616020.js?sv=7
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2616020.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-2616020.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 16 Jan 2023 08:06:16 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/5357f49234bd663481a4b0a0c81a5d67
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WfjUPtNz2u4g5AVV2do-FSLvcWiZg7nG4sYvaaf_IfaBAtKsO-4B4g==
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/149005296
13.107.237.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/149005296
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/149005296 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=3bf519036fcc44d9bce658f18f924a12.20230116.20240116; expires=Tue, 16 Jan 2024 08:06:18 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0egXFYwAAAAAuWzKCNldFRIuplui2YRqlQ1BIMzBFREdFMDQxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 16 Jan 2023 08:06:18 GMT
X-Firefox-Spdy: h2
widget.chat.zalo.me/login-tab?oaId=1841675626203250178
49.213.78.128200 OK 0 B URL HTTP/2 widget.chat.zalo.me/login-tab?oaId=1841675626203250178
IP 49.213.78.128:0
ASN #38244 VNG Corporation
OPTIONS /login-tab?oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:21 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
143.204.55.80200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
IP 143.204.55.80:0
GET /6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 11 Jan 2023 00:40:08 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: W/"5edd93d3ac96637a6387b794ef6bd0ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: VP6TR.Hx58N3J68upyMni2nf3wXbty2o
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 458767
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9N_6xhK3eDyJWnFcBWo0XpFcJWVXG1vbP2qOhuGK5ETiqy07BC4Kpw==
X-Firefox-Spdy: h2
px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=f3fd3b9b-add7-42f7-31c7-ce8d43c5b01a&time=1673856380825&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1
49.213.114.180200 OK 0 B URL HTTP/2 px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=f3fd3b9b-add7-42f7-31c7-ce8d43c5b01a&time=1673856380825&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1
IP 49.213.114.180:0
ASN #38244 VNG Corporation
GET /tr?id=7711843404775064594&event=PageView&sessionId=f3fd3b9b-add7-42f7-31c7-ce8d43c5b01a&time=1673856380825&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4kKOfRtkyv3GDjhalBqnq11ssIVzlyv.1 HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:20 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0
pragma: no-cache
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
IP 178.250.2.146:0
GET /syncframe?topUrl=www.jeff.vn&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d7a18ba3-3574-447c-ad8f-7ad9396f5946; expires=Sat, 10 Feb 2024 08:06:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 869458
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
143.204.55.80200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
IP 143.204.55.80:0
GET /6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 08 Dec 2022 01:01:10 GMT
last-modified: Thu, 14 Apr 2022 19:46:07 GMT
etag: W/"294148022ac8428de1511db3b5923568"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Ahcx4AKIE_naP6h4S1YItLgxflJXvFO4
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3395105
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qCzzI2RoeYerf5v_1HsbxPWPiRV6IDY8wx8_lcYyos5FN9Kl0sOG_A==
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=98165
178.250.2.140200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=98165
IP 178.250.2.140:0
GET /js/ld/ld.js?a=98165 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:14 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
app.jeff.vn/embeddable-scripts/webflow/global.js
54.230.111.20200 OK 0 B URL HTTP/2 app.jeff.vn/embeddable-scripts/webflow/global.js
IP 54.230.111.20:0
GET /embeddable-scripts/webflow/global.js HTTP/1.1
Host: app.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 16 Jan 2023 08:06:15 GMT
set-cookie: AWSALB=Aa/7aYLswR03u71XZqZ0/Tdfx8ZXZMzw8Xw2678kdeX1lwZGkaFbZZrNiXEQqO1sMu503dkPBXWujVhMOwGIYpWlDmXdT+dMfAMOKIfAXB11CmOSUN6t6nJNQIks; Expires=Mon, 23 Jan 2023 08:06:15 GMT; Path=/
AWSALBCORS=Aa/7aYLswR03u71XZqZ0/Tdfx8ZXZMzw8Xw2678kdeX1lwZGkaFbZZrNiXEQqO1sMu503dkPBXWujVhMOwGIYpWlDmXdT+dMfAMOKIfAXB11CmOSUN6t6nJNQIks; Expires=Mon, 23 Jan 2023 08:06:15 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 16 Jan 2023 07:14:42 GMT
etag: W/"18b86-185b96e26d0"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uglSzpBY4D19SicAJB4Iar8anNGYyJ9XoXjnUg3OZsNXKV-LMiolUg==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=4I-5Ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRPd3hQaGNYN0ExMVhzQW92amFrV3BE&idsd=969857499,651082738&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=4I-5Ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRPd3hQaGNYN0ExMVhzQW92amFrV3BE&idsd=969857499,651082738&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=4I-5Ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czNKUVloR3FFMGR3MXclMkYlMkJ5OFBPVGRPd3hQaGNYN0ExMVhzQW92amFrV3BE&idsd=969857499,651082738&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 559012
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/css/all.min.css
49.213.114.167200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/css/fa/css/all.min.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/css/fa/css/all.min.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=55b54d2a-68b9-4ae1-8de0-f35a9b245823&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 08:06:17 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg
143.204.55.80200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg
IP 143.204.55.80:0
GET /6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b142ddf0d.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 05 Dec 2022 17:15:54 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0b0444d559b753b01769d338e8e6b725"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YtxyRj6nwilAX9Q.ecsWds7UwrywbMpz
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
age: 3595821
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wrDm72EO4VVRPWhoYZpjgcVtu5SShnbuyQJ6Lx5qBHMnDGyMt4a9SQ==
X-Firefox-Spdy: h2