Report - www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm

Report Overview

Submitted URL
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
IP
16.163.152.254
ASN
#16509 AMAZON-02
Submitted
2023-02-09 02:06:12
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
assets-global.website-files.com	14027	2020-11-01T16:14:58Z	2023-03-13T08:20:03Z	11 kB	896 kB	54.230.111.7
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.235.159.98
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-13T08:10:58Z	700 B	2.0 kB	54.230.80.227
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-12T19:56:22Z	501 B	1.7 kB	54.230.111.85
px.dmp.zaloapp.com	83274	2021-10-14T06:54:30Z	2023-03-13T05:59:10Z	1.0 kB	3.2 kB	49.213.114.180
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-13T05:09:17Z	843 B	1.2 kB	40.69.95.108
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	386 B	6.4 kB	142.250.74.170
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	377 B	86 kB	216.58.207.200
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	58 kB	34.120.237.76
za.zalo.me	24529	2019-02-01T05:55:17Z	2023-03-13T10:27:02Z	2.5 kB	2.7 kB	49.213.114.149
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-13T07:21:44Z	1.1 kB	9.2 kB	178.250.0.157
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-13T05:09:17Z	489 B	1.0 kB	13.107.21.200
sp.zalo.me	25155	2017-01-24T16:13:09Z	2023-03-13T05:59:07Z	356 B	284 B	49.213.114.132
api.jeff-app.com	unknown	2020-06-30T14:30:31Z	2023-03-13T05:59:08Z	393 B	486 B	3.7.213.239
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	769 B	349 B	31.13.72.36
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-13T05:09:16Z	363 B	518 B	13.107.237.53
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.jeff.vn	unknown	2021-07-31T11:50:42Z	2023-03-13T13:02:00Z	1.0 kB	12 kB	18.167.223.92
11882785.fls.doubleclick.net	unknown	2022-11-09T06:10:36Z	2023-03-13T05:59:07Z	761 B	1.1 kB	142.250.74.70
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-13T05:12:51Z	373 B	624 B	54.230.111.113
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-13T07:14:58Z	380 B	48 kB	142.250.74.174
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:11:52Z	930 B	442 B	216.239.32.36
widget.chat.zalo.me	103277	2021-06-25T14:08:09Z	2023-03-13T05:59:13Z	1.8 kB	1.9 kB	49.213.78.128
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3.8 kB	7.8 kB	93.184.220.29
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	769 B	884 B	142.250.74.34
gem.gbc.criteo.com	6039	2019-01-31T11:05:09Z	2023-03-13T05:34:09Z	387 B	493 B	178.250.6.197
clientcdn.pushengage.com	14595	2017-05-20T03:44:34Z	2023-02-09T20:11:24Z	400 B	474 B	54.230.111.71
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	6.2 kB	13 kB	142.250.74.163
d3e54v103j8qbb.cloudfront.net	unknown	2016-03-11T23:08:14Z	2023-03-13T05:59:07Z	450 B	41 kB	54.230.245.192
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	1.4 kB	3.5 kB	54.230.80.227
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	1.2 kB	53 kB	31.13.72.12
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	865 B	54.230.245.100
za.zdn.vn	28240	2017-01-25T01:21:00Z	2023-03-13T10:27:03Z	371 B	8.2 kB	120.138.69.5
static.jeff-app.com	unknown	2020-06-30T12:53:19Z	2023-03-13T05:59:07Z	375 B	1.6 kB	34.159.75.132
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	760 B	724 B	142.250.74.162
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	361 B	1.9 kB	104.18.21.226
page.widget.zalo.me	108490	2021-06-22T19:00:22Z	2023-03-13T05:59:08Z	7.6 kB	363 kB	49.213.114.167
dynamic.criteo.com	4826	2018-04-12T12:04:05Z	2023-03-13T07:07:00Z	369 B	355 B	178.250.2.140
jeffvn.pushengage.com	unknown	2022-08-08T10:29:06Z	2023-03-13T05:59:08Z	377 B	5.8 kB	54.174.94.80
app.jeff.vn	unknown	2021-08-02T16:27:26Z	2023-03-13T05:59:07Z	378 B	49 kB	54.230.111.57
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	596 B	590 B	173.194.222.156
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	512 B	578 B	142.250.74.164
s160-ava-talk.zadn.vn	11607	2019-02-26T10:27:04Z	2023-03-13T15:25:29Z	432 B	3.9 kB	103.39.92.104
ag.gbc.criteo.com	5925	2018-12-17T14:17:41Z	2023-03-13T05:53:12Z	386 B	493 B	185.235.84.184
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	368 B	21 kB	142.250.74.110
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	11 kB	320 kB	216.58.207.227
sp.jeff.vn	unknown	2022-08-08T10:29:06Z	2023-03-13T05:59:08Z	3.3 kB	1.2 kB	43.205.2.12
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-13T05:09:15Z	1.7 kB	15 kB	13.107.21.200
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	478 B	578 B	142.250.74.131
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-13T07:41:37Z	884 B	1.3 kB	178.250.0.157
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-13T07:54:54Z	380 B	69 kB	54.230.111.93
d.clarity.ms	2285	2021-07-27T14:49:08Z	2023-03-13T08:31:00Z	893 B	560 B	40.76.174.66
api.widget.zalo.me	100646	2021-06-22T19:00:19Z	2023-03-13T05:59:11Z	2.2 kB	2.6 kB	49.213.114.167

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	jeff.vn	Sinkholed
2023-02-09	medium	jeff.vn	Sinkholed
2023-02-09	medium	jeff.vn	Sinkholed
2023-02-09	medium	jeff.vn	Sinkholed
2023-02-09	medium	jeff.vn	Sinkholed
2023-02-09	medium	jeff.vn	Sinkholed

ThreatFox

No alerts detected

JavaScript (51)

	URL	Size	First Seen	Last Seen
	www.clarity.ms/eus/s/0.7.1/clarity.js	57 kB	2023-03-09	2023-11-05
Pretty URL www.clarity.ms/eus/s/0.7.1/clarity.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:22:27 Last Seen2023-11-05 22:32:51 Times Seen3 Hash b9b253f431c87fd6d386778bb4f53db8 7e1615b8e242a06e0631ed4e0662cc3fb6487fc6 da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf Loading...

	dynamic.criteo.com/js/ld/ld.js?a=98165	44 kB	2023-03-13	2023-03-13
Pretty URL dynamic.criteo.com/js/ld/ld.js?a=98165 IP 178.250.2.140 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:27:26 Last Seen2023-03-13 20:56:40 Times Seen1 Hash 579ca0ce02126ac60aeeaf196feafb2d d108c460a5c6f824c89475097cb4f4b091bdeed9 b27736864807ca0c5f207d635ba2dadbec95c26c643d1808e5f4e8a93cc9bafd Loading...

	za.zdn.vn/v3/za.js?19397	20 kB	2023-03-07	2023-12-05
Pretty URL za.zdn.vn/v3/za.js?19397 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:29 Last Seen2023-12-05 12:27:38 Times Seen211 Hash 51313feaee884260be28725bc3bdcd23 41ff89cbc17664425d2ffcebf82f995ffb82e80a 283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251 Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.95	65 kB	2023-03-08	2024-02-19
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.95 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:50 Last Seen2024-02-19 23:40:48 Times Seen4401 Hash ed5d6caf417fab681343bc3414babc55 410ba8d8866d7c7df41f21526345cfb7426386f2 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Loading...

	www.clarity.ms/tag/uet/149005296	1.1 kB	2023-03-13	2023-03-13
Pretty URL www.clarity.ms/tag/uet/149005296 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:27:26 Last Seen2023-03-13 20:05:39 Times Seen1 Hash ad8b5f73126f09021ce925a35f6a62da 809b78819d285ac83dbc2ee0d9b7216503f7630d 0dcbfef1a41b28c3f59971f214aefcb60d62a4d474d4f1bcf60836a9a6634dab Loading...

	static.jeff-app.com/scripts/CalcContainer.js	5.3 kB	2023-03-12	2023-05-20
Pretty URL static.jeff-app.com/scripts/CalcContainer.js IP 34.159.75.132 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:33:50 Last Seen2023-05-20 15:53:13 Times Seen12 Hash af3aab26c19bea9346af5f9cab9b46c2 56d1340af032bfa8fb37a054c93d9f29918615fd 6db1b103f2e3d724f158626e5b026add3531cb24eebcd413c1c89a8708175abd Loading...

	gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22jeff.vn%22,%22topUrl%22:%22www.jeff.vn%22,%22version%22:%225_13_0%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22jeff.vn%22,%22topUrl%22:%22www.jeff.vn%22,%22version%22:%225_13_0%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false	2.3 kB	2023-03-09	2023-03-29
Pretty URL page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:06 Last Seen2023-03-29 21:16:52 Times Seen5 Hash 98c99bea3b6624b0a534edab772b4c6a d9d9821bf8401e341a02c0b94626e87e30b63f5b 941d080ae309d0cbd136bc81b7c633ec9577b3ceba0699234fd8178eb53fa1d3 Loading...

	page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js	790 kB	2023-03-09	2023-03-26
Pretty URL page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:07 Last Seen2023-03-26 14:03:47 Times Seen4 Hash 07bfd68e80850721f13c815f0ba4d06c b25c7b36faaf1fc478e06b82574cd610bca992a0 94b524da037b37726482611150004e8c576fe55047490bad7203157ccbce42ff Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:34:36 Times Seen37089843 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253	181 B	2023-03-07	2024-04-26
Pretty URL www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 IP 18.167.223.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-26 08:15:15 Times Seen3769 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js	121 kB	2023-03-12	2023-03-13
Pretty URL clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:45 Last Seen2023-03-13 20:56:40 Times Seen1 Hash 18b25e4c0b77f663b0d54e811d4e0676 1a2560eb9098222df9c1747de253505678cc6804 c1886812da45ad85148393d9d068ac631f04e5237843fadb29a5325c88461adf Loading...

	page.widget.zalo.me/static/js/zinit.js?v5	2.5 kB	2023-03-09	2024-01-08
Pretty URL page.widget.zalo.me/static/js/zinit.js?v5 IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:07 Last Seen2024-01-08 12:39:33 Times Seen108 Hash 5b3d57ab388757da7eaea09f17410b48 efe4f3cf34dead6a959419ddb685bb80354132d6 38488bcabc1cee15df88f71d38004a8e277c2437e84ab3d6f47328140a028f4a Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	connect.facebook.net/signals/config/1043415689678719?v=2.9.95&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/1043415689678719?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:27:26 Last Seen2023-03-13 20:56:40 Times Seen1 Hash ccad7fd9418a159411b4e34a04219593 5dc876e5f6b1383006cd89fe96d797b929da0f05 4cdbfd0937630b0ae29a81799aeaa31f3be6b7f7069be1eba0dd1a906a3748fe Loading...

	www.googletagmanager.com/gtag/js?id=G-7RLV1ZQ10L&l=dataLayer&cx=c	249 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-7RLV1ZQ10L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:05:39 Last Seen2023-03-13 20:05:39 Times Seen1 Hash fd072015e50992ea03eb9a237f683d99 ed7c79b39f6a7b526b97f1ed2bb7a0e8ed66268a 5e5bc6a1fe82bcc6ca893eba46c62d818c1a277c37ea10ee55b75cff6c5f0a21 Loading...

	sp.zalo.me/plugins/sdk.js	107 kB	2023-03-07	2024-02-16
Pretty URL sp.zalo.me/plugins/sdk.js IP 49.213.114.132 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:29 Last Seen2024-02-16 08:47:49 Times Seen33 Hash 187c71600bb712dd8b117041d66bf9f0 c5795df80abfed0b6068c0e5438717ac189367f6 c027ebd1c4192b5327c3194990a711b4081ea32a118e16f0d16a82f731ab3368 Loading...

	page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false	174 B	2023-03-09	2023-03-29
Pretty URL page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:06 Last Seen2023-03-29 21:16:52 Times Seen5 Hash 8b67a24c6b760686a59cc4dc6601fd33 7522aebc5bb51a311d4c4b6f867fcb88c3801cb8 613b3cd63e07c7eb27d1907af7558eabdefb609d032d9203f2ae8d8bcb2fa98a Loading...

	page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js	169 kB	2023-03-09	2023-03-29
Pretty URL page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:06 Last Seen2023-03-29 21:16:52 Times Seen5 Hash dcc5ed7c0bda3b55ca58cdb762a39460 382d82c522922203395f0be4b1a5361aa4cc3318 6231a111d26346ba5baf244992fb1c699f922388a43d16d338bf5455b913c591 Loading...

	app.jeff.vn/embeddable-scripts/webflow/global.js	106 kB	2023-03-13	2023-03-13
Pretty URL app.jeff.vn/embeddable-scripts/webflow/global.js IP 54.230.111.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:05:39 Last Seen2023-03-13 20:56:40 Times Seen1 Hash e5e031bd72bf27603156da661aa10cd6 e3737108b52dc9853297cbde92ae22be13cba345 11e3e628aa5f6718f95d587a3c7084889f0deda92be656521d7888b51fcb50a0 Loading...

	page.widget.zalo.me/static/js/cphandler.js	7.6 kB	2023-03-09	2024-02-11
Pretty URL page.widget.zalo.me/static/js/cphandler.js IP 49.213.114.167 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:06 Last Seen2024-02-11 17:26:32 Times Seen107 Hash 0e75c903af08e6ccabf9e74a44bfd13b c6ef3a3a090f0f0e60fb9fc9693812f902a6f687 5904f4c6de8f2b7a3912fa215e8486718e0cac1de1832f64b30f3f58c860dfa0 Loading...

	sp-zp.zdn.vn/sdk-server-1.0.0.js	2.9 kB	2023-03-09	2024-02-12
Pretty URL sp-zp.zdn.vn/sdk-server-1.0.0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:01:06 Last Seen2024-02-12 08:56:49 Times Seen122 Hash 374d60c509f50bf1c19bd22baf9f48d4 51edea09de7d6cca92e113afeb8eb04bcb3a8a34 d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6 Loading...

	px.dmp.zaloapp.com/static/zdmp_tr_px.js	2.6 kB	2023-03-12	2023-05-27
Pretty URL px.dmp.zaloapp.com/static/zdmp_tr_px.js IP 49.213.114.180 ASN #38244 VNG Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:30:53 Last Seen2023-05-27 23:46:17 Times Seen30 Hash 3ef744e78aeed6156b780503bd74bb97 5f2ea6ef1c85a8b0e01896f0a72e38e4a7ee9ece 0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-26 10:18:50 Times Seen22429 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253	341 B	2023-03-12	2023-05-20
Pretty URL www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 IP 18.167.223.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:33:50 Last Seen2023-05-20 15:10:35 Times Seen6 Hash 301f0c9aca6ca538ad5676ee08340245 caeecd5027fae083de00d8dcac1e8e37b1f6df17 4817f2a5b728e13d379e4d5b91409f6d87b5f6aef9cc1dec0bbcc0ab0b7106b2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK	278 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:05:39 Last Seen2023-03-13 20:05:39 Times Seen1 Hash 704dd60e04112b825c8381c547504484 3b7d7fde33a5a9b0a92b6cfa1d4a72bed9e174fd 39cfe09863cc98953a348e4f19a411b63874ab739d119f970a037545c59c0df2 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26	90 kB	2023-03-07	2024-04-26
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26 IP 54.230.245.192 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 10:19:24 Times Seen139364 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253	112 B	2023-03-12	2023-05-20
Pretty URL www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 IP 18.167.223.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:33:50 Last Seen2023-05-20 15:10:35 Times Seen6 Hash 3f91e93ced62f8aef33cb72f790dc567 eade82bdea5a68fa1286088c2a722433bdce5748 92d6d3bbaabad3f6f7ecd439a1a326b5af532c8c02af1ba5ba67dd1ad9c6cdbb Loading...

	bat.bing.com/p/action/149005296.js	3.7 kB	2023-03-13	2023-05-20
Pretty URL bat.bing.com/p/action/149005296.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:27:26 Last Seen2023-05-20 15:10:35 Times Seen8 Hash cdd888699f6494bdb47e5adadf5c22d5 d370d90c133bf99026da6edd2c7f22bc18e47dcb 5b86c67fb6fd07102084a25f27909e60ef2e0fa4dfaca369e026924b9de6a6ef Loading...

	vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html	2.3 kB	2023-03-13	2023-03-14
Pretty URL vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html IP 54.230.111.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:50:52 Last Seen2023-03-14 14:54:55 Times Seen1 Hash 9dfb5fc1a14b81a3b18b479f63bb8ab3 2720e78ed93ca88089984dacdaaeae0e95a321d1 f7be6f445f6d0ff732728c98ddf542577272191c10478c1edf9913612de40f3b Loading...

	bat.bing.com/bat.js	39 kB	2023-03-13	2023-11-20
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:26:48 Last Seen2023-11-20 16:57:27 Times Seen4 Hash 317f48afb68ad5da3f7fa6b09690b21a 3df4136a70a0632ae71125a7c3fce7fa5dc6bd58 1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f Loading...

	connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable	387 kB	2023-03-13	2023-03-29
Pretty URL connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:27:26 Last Seen2023-03-29 21:16:52 Times Seen3 Hash 02dd892788dadae60a65ace0d457fa5f d6420e070e3d5cbe1091c9a8c48bb93ace2eb539 5e36d8de938b16113ea2ae5f85e494399fb91b7de1fc49c02ce3a44d55e7c108 Loading...

	www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253	348 B	2023-03-07	2023-11-08
Pretty URL www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 IP 18.167.223.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:42 Last Seen2023-11-08 12:54:58 Times Seen141 Hash 152eb3f7cf15a0fab0a4feb760adb6bd ddb93b3dc1475161fc5a3b1382946294635604cf ea63f51bb3d28ad35fdd2992df46db58f17db7d5baa39088cda363868ff9f7b8 Loading...

	gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22jeff.vn%22,%22topUrl%22:%22www.jeff.vn%22,%22version%22:%225_13_0%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22jeff.vn%22,%22topUrl%22:%22www.jeff.vn%22,%22version%22:%225_13_0%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	static.hotjar.com/c/hotjar-2616020.js?sv=7	8.4 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-2616020.js?sv=7 IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:05:39 Last Seen2023-03-13 20:05:39 Times Seen1 Hash be9c075a675aca50533432490876928b 520ab9845dc50aa6e69d5eebcbfe80a5f66d0a02 1447c8f3d83e13f34152151d80f4c3a6394c7f80db26b6a43255321b3b8b3a9b Loading...

		Size	First Seen	Last Seen
	#1 Eval - e888c2f176a766ceac28cb46314b0c42	116 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:50 Last Seen2023-05-20 15:10:35 Times Seen6 Hash e888c2f176a766ceac28cb46314b0c42 b243fdc9a3d59d05705f6852424d972b215dfeee 991fde4c999fbc40e4c102b80b9f029691647d7b5b399af2b831a65038e5f214 Loading...

	#2 Eval - fb2933caf1012f65a2d5cda5b3235586	117 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-20 15:10:35 Times Seen5 Hash fb2933caf1012f65a2d5cda5b3235586 d91e9de07bdbceaf12e9a75a690b4f1b2c1bdb68 dfe0059393a6a863e043e4b182abc511b45ba6edeb1b8f9f14d6dce0da77807d Loading...

	#3 Eval - dd6f08b18a978de4518d09f132287897	116 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:50 Last Seen2023-05-20 15:10:35 Times Seen5 Hash dd6f08b18a978de4518d09f132287897 4bd1753b76a18e517e6c1b82b79f07dc2fbb21e0 9818b524b33d2d9140b0d73bc3c6bedbbf0820f5568817d20a22a23ff592e99c Loading...

	#4 Eval - 4d2113f361b046df46b37a3d13906c00	209 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-20 15:10:35 Times Seen5 Hash 4d2113f361b046df46b37a3d13906c00 e6345182e7356c61cc04805946816837272ee2fc 9b75863f56d47f016cdbb281ce447bceace83fd260af3472b8670acc3067ea72 Loading...

	#5 Eval - 1047fc4b2177f4443577de00655b13e5	117 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-20 15:10:35 Times Seen5 Hash 1047fc4b2177f4443577de00655b13e5 01b11127ee08aa317ea6b13e2fd0463a45dd37fd 3bdd239cd24fc64e37c5916c7918e37d4a1956c1348f1c8898fa605b2c37f75e Loading...

	#6 Eval - 7d4564639a1c4555c25373bc78799477	195 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash 7d4564639a1c4555c25373bc78799477 2ea21d244cc085bcfe25763bc9d20fd1c7b104dc 1e523c88aff8cf305cd5b14888cc52a31028a1d40b28ffcee0d69714773be558 Loading...

	#7 Eval - f28b2be7c80d4c88e397edc15909f423	116 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:51 Last Seen2023-05-20 15:10:35 Times Seen5 Hash f28b2be7c80d4c88e397edc15909f423 b7973e81ecd768f242059abd92892b93ca101a33 29d1a04ad324a139cbbe1dacf1d0c743dffdf00c85251b1b42a13e5f0bfc4b5c Loading...

	#8 Eval - 18c3c9ab5898ef60f98af003bb96895e	209 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:51 Last Seen2023-05-20 15:10:35 Times Seen5 Hash 18c3c9ab5898ef60f98af003bb96895e a895567e97d5a2f631411a47ea38a5db12fa4a5e fcd71467288cd73db1ca0f2afab3d7f3a14fb3d1174dc250fd83dee75d73d201 Loading...

	#9 Eval - 078c0b22009934070cba741ae98de6ea	209 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash 078c0b22009934070cba741ae98de6ea 7b95e75de50f4526e940dbf1bfc8b5d604bd0b43 baf34fa246b2d575fcc188fde666e571b5afd2a5622c1f2863c4b252f6b84981 Loading...

	#10 Eval - 16f5f4a02e505b5ba97a1e2be504d98a	116 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:51 Last Seen2023-05-20 15:10:35 Times Seen5 Hash 16f5f4a02e505b5ba97a1e2be504d98a 590487b274d6697438ce15ec908948019b9bba7f 520e5c392fbfec1c04c7202583dbe6e23178f1f15e03475e88ed43f482c5f440 Loading...

	#11 Eval - 77d1d7df4e2ab54cb2c73841de2ae729	116 B	2023-03-12	2023-05-20
Pretty Observations First Seen2023-03-12 16:33:51 Last Seen2023-05-20 15:10:35 Times Seen5 Hash 77d1d7df4e2ab54cb2c73841de2ae729 a8f0dd5b70aa082a9c85e4d834f81bda5350c267 af6be6215c9c34c3a77c377a02a8948003946d49216a0d3a569f8fbd0935b540 Loading...

	#12 Eval - 4847753dae628487a51e3ad2423720ba	117 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash 4847753dae628487a51e3ad2423720ba 7e79e018ce721a16096bd179de8387c735743627 4053c6873d68e9e49c47515a99cd2678a807a2b04c2f8d6d115bbb4005c61d00 Loading...

	#13 Eval - 322d88bfefa037b72d13f01e3a01d1ea	284 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash 322d88bfefa037b72d13f01e3a01d1ea 799c2c45c453911672ca41d1393ce17ee48fdb60 085ccfc5a77ea6aac27787c2cf7669038abcafbf20f00472fe568c5a8afe5c9c Loading...

	#14 Eval - d4f74974c4eb5e4b189f3413c4d0880a	470 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash d4f74974c4eb5e4b189f3413c4d0880a fc0853e2c373f60268127aebd29dc8f2344b615b 09756496db041cabc494ffca78611008fa69bf391bcdd53d9160c19deb222c67 Loading...

	#15 Eval - 499453a0c9fccf22f7c0657e50cefebc	209 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 22:41:04 Last Seen2023-05-04 01:22:14 Times Seen4 Hash 499453a0c9fccf22f7c0657e50cefebc 545f6792dcf7fa4ec73c9369140ba62650507ccd 9dcf1c248f5ab693293f60b3799ec98e29d385a82c1d86c4ef6ca9ea9ac0f638 Loading...

HTTP Transactions (173)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3626
Expires: Thu, 09 Feb 2023 03:06:26 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11858
Expires: Thu, 09 Feb 2023 05:23:38 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 01:36:46 GMT
content-type: application/json
age: 1754
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19647
Expires: Thu, 09 Feb 2023 07:33:27 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OxXTv46VcJpQFui9jxLsmGvxZJ2gCDAOr2M1MNNsupz36qOrXPT09s+lHGFdARHjjbohYM8xmshuneGWcBEC/Q==
x-amz-request-id: N37Q3X1FMSMKJ7YD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 01:36:10 GMT
age: 1790
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 02:06:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253

18.167.223.92

301 Moved Permanently

134 B

URL HTTP/1.1
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
IP
18.167.223.92:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 HTTP/1.1
Host: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 09 Feb 2023 02:06:00 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.jeff.vn:443/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 01:14:53 GMT
age: 3068
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Thu, 09 Feb 2023 02:50:24 GMT
Date: Thu, 09 Feb 2023 02:06:01 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ba8a214e03b5842c43279e0999d44667
d39e01e97828a7dfeca29b596ecca9bf14ba83fb
b1c299566a944692c51711aac3479ec463815e45f770280d15ba5305d4704806

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:01 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tHaWBzhgxEDNS6liNtHxki1LkjaJVnBryGt97YeNTPyJtMPLgCzPlw==

push.services.mozilla.com/

44.235.159.98

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.235.159.98:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NRJM6ZQIMRVSrpwjNa1z6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0A/JvEi5zWaOzXYx86DjrglVGKA=

www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253

43.198.49.214

200 OK

11 kB

URL HTTP/2
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
IP
43.198.49.214:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24365)
Size
11 kB (11154 bytes)
Hash
98fc7421cfd3182cb92d224d3f5f7f74
a8e44a652f60fc3a80a560b465e9d5407af8d7fd
bc268cabda328ad1d6f5eab1590ff526e475ead2181a5f373405beeedd77f3c3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 HTTP/1.1
Host: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: text/html
content-length: 11154
server: nginx/1.22.0
content-encoding: gzip
x-lambda-id: 4ebec50f-971d-4ba2-97fd-2593ac88ae00
accept-ranges: bytes
age: 43001
x-served-by: cache-iad-kiad7000103-IAD, cache-hnd18738-HND
x-cache: MISS, HIT
x-cache-hits: 0, 142
x-timer: S1675908362.202102,VS0,VE0
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: ap-northeast-1-prod-edge-blue
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.74.170

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:21:51 GMT
expires: Sat, 03 Feb 2024 10:21:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 488651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg

54.230.111.7

200 OK

805 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (673)
Size
805 B (805 bytes)
Hash
687cc2617c243d910f0743a3d8452c15
ffd777e7f45a8cd9d93d907d503d7cac8bb31e0d
dd6fe0fed6def1b676286a203da5c58d178152d29b73debcf8c8f4ed6e269079

HTTP Headers

GET /6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 805
date: Fri, 27 Jan 2023 02:31:06 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "687cc2617c243d910f0743a3d8452c15"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: taIhEQVhftJJ0orwE875uuRGTM0QSMm1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1121697
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dZWzi0rSIA_4rXySbfLUJZX1XQL3yod7rljADXohD6jB0pNDh1S1Kw==
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ

142.250.74.174

200 OK

47 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3215)
Size
47 kB (47173 bytes)
Hash
e89f8de62b8f972f063d918bb5f267e9
4808b464afa85d9f151c0105d7dfd3fe71d02729
e5d7bb28d6d6498d551f8cc1eea62f91accef9538d9647f3b195d9368ba21f41

HTTP Headers

GET /optimize.js?id=OPT-MH82HZJ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg

54.230.111.7

200 OK

825 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (693)
Size
825 B (825 bytes)
Hash
210beff4c931452baacbe861bcdcb0ad
55a4ab7d9c1fc9e0bf43024dd599eb3628ac46da
b3dadf84bd14d47f74d4c3f09b51bc14881840c6264235050f333684d092dc43

HTTP Headers

GET /6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 825
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "210beff4c931452baacbe861bcdcb0ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 2JF0_xUDqsL7IMoubtz07Y47rHK4VWFh
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2681057
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B5wwjYhhms0mOaI3SLIVlf7F-tACAYiJsVmpcBcKfSAuuyazSNSjbA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js

54.230.111.7

200 OK

97 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (56368)
Size
97 kB (96664 bytes)
Hash
b63fff218800c7656b8e454e97e74a0d
3a8820d1dc13ec66be88fbc2f5217ec60c905b24
d595a6bc5571a891fce28e9a1be78e44e992f22c264b0fa27611f2039269fd97

HTTP Headers

GET /6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 96664
last-modified: Mon, 06 Feb 2023 12:01:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: gRnc8CD30aLUSpI_swXvxUE6nsuziSd_
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: max-age=84600, must-revalidate
etag: "b63fff218800c7656b8e454e97e74a0d"
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 20230
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nygEH61hHUvPDt3mmW-fU9aLvQzjx6pgPj5qlLsNhd92lDi8sLFFDA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css

54.230.111.7

200 OK

78 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (78493 bytes)
Hash
26da30b2f518f7d1dc730b6de3f30488
6e233395a93891f3bcc27d0f2559179ff08091f7
b639283e91d1ba38f2682431ac664f6b7c0dac9553cb3837e81782fe69b780f4

HTTP Headers

GET /6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 78493
last-modified: Tue, 07 Feb 2023 10:40:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: qF37ov9hyI1.MKK9dT4yt_8JEMazvyv.
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: max-age=84600, must-revalidate
etag: "26da30b2f518f7d1dc730b6de3f30488"
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 55879
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3KPAps3jHyQ3SLSumxwC9IJE687JRxD7HdBR3deWMH-tjN02ZPPXCA==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ef17a68c77d3f30c049f15916fa92a6f
f5d35ca43f8ed49cc9f118b139c6277374680408
ccc54a44c20983853aa93b74cd87ecb1941429af41643fa66231923531359f0f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151632
Date: Thu, 09 Feb 2023 02:06:02 GMT
Etag: "63e4025a-1d7"
Expires: Fri, 10 Feb 2023 20:13:14 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r8mTHSXxsX--OQCrcJByR_e8HhyTNNDrs3y0IuBRIDBRlMnaP1D3IA==

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg

54.230.111.7

200 OK

227 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
227 B (227 bytes)
Hash
132803e121eda15d5ccef28fd978aa8d
ef25f693f8da50c320e359e2aa543cddf5e357d0
a1d700b570a88b6f465b0f856f336c4094dd5f923c479aba7e333f6486f727c3

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 227
date: Fri, 06 Jan 2023 04:50:34 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "132803e121eda15d5ccef28fd978aa8d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jQKr9IIYshh9y_Qgqj0xaw94_vVRCkz1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2927729
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JC8HZbNNL87SisUTQdf2GhTMtz90IMnQVvZNbMYsoCXYL7LAyc7Lkg==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png

54.230.111.7

200 OK

532 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PNG image data, 2500 x 1100, 8-bit colormap, non-interlaced\012- data
Size
532 kB (532056 bytes)
Hash
e73105b5524c8dd9b38cda38b043e77e
3c973f19408a4b872dc32a5e2e9702af98e26502
84d2b7a6cda66d4954705e58aade6dd6a9c7c607463aab384608323084fe720d

HTTP Headers

GET /6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 532056
date: Tue, 17 Jan 2023 01:36:03 GMT
last-modified: Wed, 09 Mar 2022 14:17:46 GMT
etag: "e73105b5524c8dd9b38cda38b043e77e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: xDu3x.b.em7KhKz4hc4teH0iLw02vGbd
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1989000
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UoObomqmdpqaieGIQlr66K88J0puICgqzdkizrL9nYL2hgHn9Q3HxA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg

54.230.111.7

200 OK

628 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (400)
Size
628 B (628 bytes)
Hash
459d66b59ffcc9910d65c5ccb22274ed
580a6fd926d85533b9e9b967980744aa11f6f2c0
15bc2f3cbc2276bc7893820a25e490418301eab5f020958c38b84fda6726a1e1

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 628
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "459d66b59ffcc9910d65c5ccb22274ed"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: nPP.zDSTkA98QKUo4uRdUcTCHwHgoV1G
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2770742
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s_4gKIG_1F3bBHZRC_nx9A4mupd6IoK0cOb_3-hgU7XJOGX4xM1sHA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg

54.230.111.7

200 OK

349 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
349 B (349 bytes)
Hash
cb24497241ce2a3ccdef0664ea0b077f
2e19280399b8c5425b49c9d35200c0dea56a22ba
e0e04a518393790a90b1525d2c1a58568ca8fb409bd7b79e3b4f123e4b5d3ca1

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 349
date: Thu, 05 Jan 2023 10:17:22 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "cb24497241ce2a3ccdef0664ea0b077f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jiyCO4iDNBm96yjl8q9n7YQDmMq9.Z8g
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2994521
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 90C_s3KBflYMk-KnbnTqiZAnVz51EFGArUhM2G1LT3GCjcwmK7brZQ==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg

54.230.111.7

200 OK

888 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (660)
Size
888 B (888 bytes)
Hash
63e0f683d082f61b47299e7fd5a17559
a6fb47765826ac1dcf68303364c59465b3c0233b
efb636eb5e268b99f96898d11a1c1643ca6e6247b095a345fd7d9198cc4295b9

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 888
date: Mon, 23 Jan 2023 01:38:51 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "63e0f683d082f61b47299e7fd5a17559"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: u4h27iVgg7J0_MIUKJSkZNaLPDmwlL89
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1470432
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zbmmk5G9JLlrvSku5JVUxQSC7GhvnIv9OMdOZsOQ0e6SK3HiTbVcvw==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg

54.230.111.7

200 OK

140 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1146x1974, components 3\012- data
Size
140 kB (140104 bytes)
Hash
8044e529d44882c2757dee105221a5ea
994e24144ed202ba20cf06a634c5ec6db5d99bc0
6c7c74df54748ca7a5405ad711d7f03caf71709a8d7fa804d7893848422082d1

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 140104
date: Fri, 27 Jan 2023 02:31:06 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "8044e529d44882c2757dee105221a5ea"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 6F9vCv9qo.2Y_F.MbYtjo0s9_3RRRE6O
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1121697
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i5oNJ4crIXZ9MjPJSzGUnbGzi1cuatwcNP2icChQSpuR1nWc-KyylQ==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg

54.230.111.7

200 OK

840 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (727)
Size
840 B (840 bytes)
Hash
96cccd078c557c41e24dbf89cfc55c3f
c48f20dba0ea44766e7f97dff5d5b6268c221355
99bcff24d6ab1a663beb6183974ff949662a1d420427e63687efefe42c53e795

HTTP Headers

GET /6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 11 Jan 2023 00:40:08 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: W/"5edd93d3ac96637a6387b794ef6bd0ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: VP6TR.Hx58N3J68upyMni2nf3wXbty2o
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2510755
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DPmHCSadtRjoutYYSMiGVrwb-bxO-9QkfDDSgVskruUdcuuFB1T8og==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cb10c8881f29d78b8d879cb7ace3ff07
995f646a0a8cbd7b2ae95f9166ea1c2276a26b78
bfa94003f1482133dd142c0a68bc4e6562f8e83ab613193911efb7219fd8f5bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA94003F1482133DD142C0A68BC4E6562F8E83AB613193911EFB7219FD8F5BC"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Thu, 09 Feb 2023 08:05:32 GMT
Date: Thu, 09 Feb 2023 02:06:02 GMT
Connection: keep-alive

assets-global.website-files.com/6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg

54.230.111.7

200 OK

19 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 386x192, components 3\012- data
Size
19 kB (18839 bytes)
Hash
aba3bdee30005a09facdfe51758288c0
9907e2fd84c155d8d58af33a0f535abcf12e520b
5e94e07f48832101b4a97b3e178c1ad1b976b6ec94852b9f92983f31af14846b

HTTP Headers

GET /6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 18839
date: Mon, 06 Feb 2023 20:20:57 GMT
last-modified: Mon, 06 Feb 2023 12:00:21 GMT
etag: "aba3bdee30005a09facdfe51758288c0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: PnAMewV2R3JobV8.30faz0sJpfzgrq8T
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 193506
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wUkgqLw17Od65H4ILAXVFwqSaEP_HJqGPqWxJwoGiCnm6uc2GCALAg==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png

54.230.111.7

200 OK

3.8 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PNG image data, 177 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3806 bytes)
Hash
4087d7a43fd6b27cd4233ed8e0987c8a
3b4dfd9c8ac2d0e9dbda0d00b62065b87f0bfdcd
cfb3e26e0bee20b23edfee49e5612266383098273c3d7771a1dacd9b2bf544d1

HTTP Headers

GET /6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3806
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Thu, 05 May 2022 19:39:01 GMT
etag: "4087d7a43fd6b27cd4233ed8e0987c8a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: ADdfUhhjzdLDlFsi6hU7lEUEw.BBUsSo
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2770742
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p8b6nCLO2OWopFfaLN1axKgh6-PgEMrqit-xp-i9rFik-VpKiNE2_Q==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

216.58.207.200

200 OK

86 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39457)
Size
86 kB (85618 bytes)
Hash
8a9f24eb702ace046c8fb48ee508535d
ddc640e4b7be447b72047e0ec7e08d0d322165c3
c21a735cdc05e4f1c9c53186beb4f748edb581fca64fa548f6227b30d2814a46

HTTP Headers

GET /gtm.js?id=GTM-WJM8NRK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 00:33:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.jeff-app.com/scripts/CalcContainer.js

34.159.75.132

200 OK

1.2 kB

URL HTTP/2
static.jeff-app.com/scripts/CalcContainer.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
1.2 kB (1198 bytes)
Hash
82ac2616e1d69dcd0f361dfa507de7cd
d8326f681a684a8302cddbcb7085373ee531a1ff
30d47546bd8f1370fc73cb343f4519f26feb84b140207ccda165177f8679f21e

HTTP Headers

GET /scripts/CalcContainer.js HTTP/1.1
Host: static.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
age: 67869
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 08 Feb 2023 07:14:53 GMT
etag: "82e75acb51f12449f646f6a530c76cd5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GRSYRCKGRPTVW44DWCY9D1B7
content-length: 1198
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21024, version 1.0\012- data
Size
21 kB (21024 bytes)
Hash
bfc3d01c79dc38b019fe1cd09c1033ed
5ff4586eb711d84c1b0fb66c7e2f6829457588b0
5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 19:57:54 GMT
expires: Thu, 08 Feb 2024 19:57:54 GMT
cache-control: public, max-age=31536000
age: 22088
last-modified: Tue, 19 Apr 2022 18:08:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20840, version 1.0\012- data
Size
21 kB (20840 bytes)
Hash
94caeafec8be6e13f12871d82c760e08
c474b99c4d820c33280983aabdade7498af82297
39f71bd192fef15e3ff9ed3e4ab1c336d6019d97e5a2b7cdcfb136176597c52b

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 00:59:52 GMT
expires: Fri, 09 Feb 2024 00:59:52 GMT
cache-control: public, max-age=31536000
age: 3970
last-modified: Tue, 19 Apr 2022 18:05:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20136, version 1.0\012- data
Size
20 kB (20136 bytes)
Hash
74b2666cbba90c8f90a1fa4d2a0f98b7
d67ad16e9989c3af159a0870b909e0ae37f18c33
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82

HTTP Headers

GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:15:50 GMT
expires: Sat, 03 Feb 2024 02:15:50 GMT
cache-control: public, max-age=31536000
age: 517812
last-modified: Tue, 19 Apr 2022 18:13:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12332, version 1.0\012- data
Size
12 kB (12332 bytes)
Hash
68f359110ddbab73367a98d657ad3ca6
22c9a18d7a470109b24124736b95f479aa152593
16f7f28cd79e331da4b267c4d9a440a07490d687037645987ea93a68edd9e11d

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 01:29:53 GMT
expires: Sun, 04 Feb 2024 01:29:53 GMT
cache-control: public, max-age=31536000
age: 434169
last-modified: Tue, 19 Apr 2022 18:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20816, version 1.0\012- data
Size
21 kB (20816 bytes)
Hash
c89fa3b7b7560a9cc924364c3651fc21
0d36d701b1b9158145f5167799533f5f21a6c314
5fdd06615194a9a10ddc8b928c428e2dbb2b20ed70dfcafe40de89cddaf61f12

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:18:58 GMT
expires: Sat, 03 Feb 2024 02:18:58 GMT
cache-control: public, max-age=31536000
age: 517624
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26

54.230.245.192

200 OK

41 kB

URL HTTP/2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
IP
54.230.245.192:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65451)
Size
41 kB (40834 bytes)
Hash
4c878dc8f3d9f5435913a9231649ba39
86ace6ead00c010e9b59813f26401aed0c80e996
48c6f1f68945e0288f7e7a51e82b9714ad9b334e4c99e8879651fc21c86fbd3f

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Wed, 08 Feb 2023 05:05:52 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
age: 75641
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m2UiXs0xleRgFSlm7-qjZuWISmEXQ-tS3pRAcAnpViqWYp_MRFn6QQ==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12132, version 1.0\012- data
Size
12 kB (12132 bytes)
Hash
d8c3fbd445568cc3464a7b83715eb02f
8fadbd8de214b29c7791b720e50cf3485ed06784
a26854f297793040b3587a207fbbaac3b61c4b4aaefda33b720e920251896a33

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 19:14:50 GMT
expires: Tue, 06 Feb 2024 19:14:50 GMT
cache-control: public, max-age=31536000
age: 197472
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11100, version 1.0\012- data
Size
11 kB (11100 bytes)
Hash
891506a586c32ab1d43857d6455c9f9e
f32fa2f4d6e69a1796b9adebb837b23e2b52c79b
d0f14805c4f59ff808400de351404874309171b89d378b87de32719d04810b49

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 10:29:51 GMT
expires: Wed, 07 Feb 2024 10:29:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:12:02 GMT
content-type: font/woff2
age: 142571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Size
11 kB (11072 bytes)
Hash
feac5a03593138287f348533d7864f85
a6c0ba2cc99810388b245048d88d619b8d6bdf16
a7cc6e59d8515b32c8a24943605545663453210ed0f51005e6f259224d4c35a4

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 15:44:57 GMT
expires: Fri, 02 Feb 2024 15:44:57 GMT
cache-control: public, max-age=31536000
age: 555665
last-modified: Tue, 19 Apr 2022 18:06:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11176, version 1.0\012- data
Size
11 kB (11176 bytes)
Hash
1fb73ebec7849f13b133f22fa96a1956
3d1bfb246b36da591fb64147941f2141870d1733
fe0e476d081283bccd12deb3adf743da1a7b9b05ec96b9cfab3a300c29430069

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 00:44:52 GMT
expires: Tue, 06 Feb 2024 00:44:52 GMT
cache-control: public, max-age=31536000
age: 264070
last-modified: Tue, 19 Apr 2022 18:06:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21208, version 1.0\012- data
Size
21 kB (21208 bytes)
Hash
74f93ec1a48da90748c0be825f5d5e91
2c5f5bc8dbb17f0599726820e09c4b6383bdc25d
9a6403be855cf28f8fc7eb0ec377f8fe84e4508da830f6a1cffe96040d3c48ec

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:44:53 GMT
expires: Sat, 03 Feb 2024 03:44:53 GMT
cache-control: public, max-age=31536000
age: 512469
last-modified: Tue, 19 Apr 2022 18:14:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12352, version 1.0\012- data
Size
12 kB (12352 bytes)
Hash
2ca7d93b0f3cf6fb8acc7a57cfb855a9
4862b5d3df3b4b1e343fa1f72ecaf23bbe4c4130
5c74d26fa05df23036cb8406bc0f4f719d0004fd0fd671304286dee3c68f781e

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:44:53 GMT
expires: Sat, 03 Feb 2024 03:44:53 GMT
cache-control: public, max-age=31536000
age: 512469
last-modified: Tue, 19 Apr 2022 18:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20640, version 1.0\012- data
Size
21 kB (20640 bytes)
Hash
bb55f11c4c165aff6990136ead59fc1d
411672d0fd1e86b6024ab44ec7ee5c21b91816eb
ee0eab7c78914d952b5119684d1aed29aec2707fe7cc1b1bb75771fe87ca68b4

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 11:35:07 GMT
expires: Thu, 08 Feb 2024 11:35:07 GMT
cache-control: public, max-age=31536000
age: 52255
last-modified: Tue, 19 Apr 2022 18:10:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11812, version 1.0\012- data
Size
12 kB (11812 bytes)
Hash
36c89462b574e7b2fb7eec0b957ba664
e051822b0746088706225243c3a4b5d1d18cdbe8
5089932a425db8912573a4808c785d2881ce9089791752eccd8d5d839c212acf

HTTP Headers

GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Fri, 09 Feb 2024 02:06:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:09:11 GMT
content-type: font/woff2
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2

216.58.207.227

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12644, version 1.0\012- data
Size
13 kB (12644 bytes)
Hash
1b27fe1cd212141ee05bd77bb3fb5698
d064c66e6ebf640f615009690fcc44bf7385e832
6763cceefa8d31d62ac72ff2ac0dfe4ea30215fead28d7afebe5ca01cf1d9221

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 12:29:07 GMT
expires: Fri, 02 Feb 2024 12:29:07 GMT
cache-control: public, max-age=31536000
age: 567415
last-modified: Tue, 19 Apr 2022 18:05:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11412, version 1.0\012- data
Size
11 kB (11412 bytes)
Hash
f0e8bb3cc78f81dd7e7b76a3b737f136
cb799376b9de709d13f2616f7ce9e38dc4c5b7c9
ce776e36ca591b5ae2ac1ef88f220a13dff461eb4ec3c2994d789853165effa6

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 11:29:39 GMT
expires: Sat, 03 Feb 2024 11:29:39 GMT
cache-control: public, max-age=31536000
age: 484583
last-modified: Tue, 19 Apr 2022 18:15:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8254
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:02 GMT
Connection: keep-alive

fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20960, version 1.0\012- data
Size
21 kB (20960 bytes)
Hash
4b87ee4dbdebe6ccc27d78abdc1be4d0
bc5608fb2aa8f618123a243149c9503bf8353eed
68d5079784cb170ff863dd8ce87ab5b1562f78604fc6a58e364d79073339e09c

HTTP Headers

GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 02:14:52 GMT
expires: Wed, 07 Feb 2024 02:14:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:06:16 GMT
content-type: font/woff2
age: 172270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15019 bytes)
Hash
95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 63707
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11036 bytes)
Hash
b11f9f70f5e8af4de6d9fc5b9f50ccbe
753cb08c3f8c7c0750d113253790a08db01986bc
d4b77ba995ea274fd169fc9bc66919b23e72a8edb88d6184bf3d7f3ab398c645

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11036
x-amzn-requestid: 4bd4976c-9500-4d6d-a447-dd2873987d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswexHCYIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-61d430202cbbf52823f38c49;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3U29-_iFXSAoG74d9-pJmmWfVbO6f2Y91lLvi7nXxgNYWKNvbFTRyQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:48:54 GMT
age: 62229
etag: "753cb08c3f8c7c0750d113253790a08db01986bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4308 bytes)
Hash
113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_VDTHUaRhwthD0THsWg42L1OF7lZAX3ENsTfV0U7kkn9o0x-mQ_9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 13:53:53 GMT
age: 43930
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3509a9bb-f5d1-4723-96d3-e2a87a28bbf4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6471 bytes)
Hash
e6c45da743665658afcfbf2309e1594b
04d025452dcec571f3eb6068499290d86e0c4c30
3ddfcf83ea18ba20700364c7095750a142a15575c988ba5688ed2f4dbbba4ee8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3509a9bb-f5d1-4723-96d3-e2a87a28bbf4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6471
x-amzn-requestid: ab4c8119-a2f0-4b3d-bbed-b34c5a0a7a30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGaGsjoAMFmZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f5-7298e0530bee8f997b552e6e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qxzdVgRauaFA1GnS6m2WJr7zkXVIpFUNZN0r_mdAQvkDu4nzYanjzQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:10:41 GMT
age: 14122
etag: "04d025452dcec571f3eb6068499290d86e0c4c30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7451 bytes)
Hash
5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0giOb6VA3jgf_3ep6DqSBrFhYz8aBNWTjxpitvm9NWe2oNQlJ5UbEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:09:32 GMT
age: 14191
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7450 bytes)
Hash
ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 30041
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
22a8efcf0930eff1de75c0cba34b2be9
ab8ae4541fd98623f8336963913c8740fb1761ab
0c57980c1814bfa036cb6d151570447e865a4e89a6d24660526addaec286c519

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4575
Cache-Control: max-age=123429
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e38251-1d7"
Expires: Fri, 10 Feb 2023 12:23:12 GMT
Last-Modified: Wed, 08 Feb 2023 11:06:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5392
Cache-Control: max-age=127139
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e38d9e-13a"
Expires: Fri, 10 Feb 2023 13:25:02 GMT
Last-Modified: Wed, 08 Feb 2023 11:55:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253?

142.250.74.70

200 OK

321 B

URL HTTP/2
11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (592), with no line terminators
Size
321 B (321 bytes)
Hash
be4c764136e61c05d217d915fd461195
6383823c7ad85d819f602afbf313791c7a59127f
e6869a11bf75d082eaedddf6176acd79751b69e1f303542bd637db3b570cf299

HTTP Headers

GET /activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253? HTTP/1.1
Host: 11882785.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 321
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 02:21:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253

142.250.74.34

200 OK

320 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (591), with no line terminators
Size
320 B (320 bytes)
Hash
c74ff360ad5b7b17f53ffb9c0beedd5a
c019cd5b555c78f96518d0701f2c3a370c33255b
90325e804943d488374a95662eca5fac400d6b728b1bb89700b47a646aa3e532

HTTP Headers

GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11882785.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Thu, 09 Feb 2023 02:06:03 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: max-age=132354
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e3a55b-139"
Expires: Fri, 10 Feb 2023 14:51:57 GMT
Last-Modified: Wed, 08 Feb 2023 13:36:27 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: max-age=99349
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:41:52 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=mRVIRl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a05IVDZGbEJqdTVHTmFwWTRFRnVrYVQ; expires=Tue, 05 Mar 2024 02:06:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 330442
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ef17a68c77d3f30c049f15916fa92a6f
f5d35ca43f8ed49cc9f118b139c6277374680408
ccc54a44c20983853aa93b74cd87ecb1941429af41643fa66231923531359f0f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151631
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e4025a-1d7"
Expires: Fri, 10 Feb 2023 20:13:14 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oG2PvTQCDlVt0_V3Z-_CrHSgaCmMtIbQdfx_nObKw85F4WtVE1dJTw==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8ae4c9c54bb656fd242ddd41f32e6756
d646f81cf788d357099f8ed686ad26a39a678e24
b28464491bd5e5c054cc90c91e30393dcdaaf8d2b4d36459a86a0fafa1d279e9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Last-Modified: Thu, 09 Feb 2023 00:29:14 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TYll8nc7qp1_lQRoV0sN9_XVx1yMVXWjDg4KAoQ1uitWGLS73KviAg==
Age: 5811

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
84cfccd989c385f23bd4401626eea691
b716a1beccd1280ae78118bb4a0d14df5a310d01
c2c6b22d22860589185720e05b1510541bec86446a6daf6a9e75ba7f1a5ffd61

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fq6uqk-dAMYnbK-_vxtTvm6eIoU91zHeDOy4eW0OJz17UgVCOrp7VA==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
52a7b9bd0f6104da2386adc851afb050
8fb8e3ee8109387c7922485101e6ab5121d78d44
452f769d0eeb71d08561be388b7e9b04153fc9af123385dad13578f9966d4649

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LrEAkoXMcwHz0RlQpFdudzUezkrhPUpDcJ7z37d4mQv6Zm1MvFyqbQ==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
84cfccd989c385f23bd4401626eea691
b716a1beccd1280ae78118bb4a0d14df5a310d01
c2c6b22d22860589185720e05b1510541bec86446a6daf6a9e75ba7f1a5ffd61

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yANj1qX7-NlKE92ngCxjpwXUzqOAT_cIz17N_jGCEm9Ydd-FtpjtQw==

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
06f3b2d00a1b1575b8142ddb0ec3d5db
b63a9035da42f3e404f0e0412440a1a950f887ae
bd7f812befc37e89d40e5733a5cb527040c6241ddb3d06b78119bb0f198acc7a

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 02:06:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Sun, 12 Feb 2023 23:31:09 GMT
ETag: "b63a9035da42f3e404f0e0412440a1a950f887ae"
Last-Modified: Wed, 08 Feb 2023 23:31:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79690b2cb9fdb50f-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
eb93980a309f5c43e3e26c326f67f523
93b7caa5200d94d3bb7f9101c86b842567e605ba
105524a206be40e9cb22fd55d80a8618f5e5edf453a9e3475c3673212f69813f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5185
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:04 GMT
Last-Modified: Thu, 09 Feb 2023 00:39:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

api.jeff-app.com/lead-api/web/collect

3.7.213.239

200 OK

0 B

URL HTTP/2
api.jeff-app.com/lead-api/web/collect
IP
3.7.213.239:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lead-api/web/collect HTTP/1.1
Host: api.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.jeff.vn
access-control-expose-headers: Authorization
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2

sp.jeff.vn/com.snowplowanalytics.snowplow/tp2

43.205.2.12

200 OK

0 B

URL HTTP/2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP
43.205.2.12:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 0
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
X-Firefox-Spdy: h2

sp.jeff.vn/com.snowplowanalytics.snowplow/tp2

43.205.2.12

200 OK

2 B

URL HTTP/2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP
43.205.2.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1057
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Cookie: _gcl_au=1.1.596764192.1675908420; cto_bundle=nVzXWF9zUzF5SnZhajdaJTJGb3paVHVOMVRyN3AyeGF4aHolMkI3MEpVREJENkFMZTl5eVRWZzZON240VWFCMkolMkI1d0tuSE5vY2RrQ243ME4lMkJ3M1dNb0p4aGp2YyUyQlZoTU9XYlBBZXFuZ1UxY2hYdmt5bjVMRVdNd3BFU1JlZlBacTE0UkRmTHI; _sp_ses.4563=*; _sp_id.4563=0df3c25b-7b8b-4d7a-b2e2-160518d69597.1675908421.1.1675908421..99c26dc6-0a63-49e1-a5db-43cd5b021fa8..da6679dc-ffe2-46fc-aec8-55680fc37019.1675908420647.1; utm_source=publisher; utm_medium=cpc; utm_campaign=Leadbit-CPL; utm_content=103253; utid=63E454F47EED7B14FD07B699; publisher_name=Leadbit-CPL; publisher_click_id=63E454F47EED7B14FD07B699; query_params_json=W3sia2V5IjoidXRtX3NvdXJjZSIsInZhbHVlIjoicHVibGlzaGVyIn0seyJrZXkiOiJ1dG1fbWVkaXVtIiwidmFsdWUiOiJjcGMifSx7ImtleSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiTGVhZGJpdC1DUEwifSx7ImtleSI6InV0aWQiLCJ2YWx1ZSI6IjYzRTQ1NEY0N0VFRDdCMTRGRDA3QjY5OSJ9LHsia2V5IjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IjEwMzI1MyJ9XQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=573e1315-901e-45f6-9afa-3fd97b62aa44; Expires=Fri, 09 Feb 2024 02:06:04 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2

page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false

49.213.114.167

200 OK

1.7 kB

URL HTTP/2
page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3695), with no line terminators
Size
1.7 kB (1721 bytes)
Hash
45ac1a3dd4f84d427eaa8284843d35b5
87f7de4a411f924aef7c1259311b3f8924a493f3
d550ce7a182aabaf1f8cf3c085a9570fb9c933ea69f2515344db1795605291ec

HTTP Headers

GET /?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 1721
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

sp.jeff.vn/com.snowplowanalytics.snowplow/tp2

43.205.2.12

200 OK

2 B

URL HTTP/2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP
43.205.2.12:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1336
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Cookie: _gcl_au=1.1.596764192.1675908420; cto_bundle=nVzXWF9zUzF5SnZhajdaJTJGb3paVHVOMVRyN3AyeGF4aHolMkI3MEpVREJENkFMZTl5eVRWZzZON240VWFCMkolMkI1d0tuSE5vY2RrQ243ME4lMkJ3M1dNb0p4aGp2YyUyQlZoTU9XYlBBZXFuZ1UxY2hYdmt5bjVMRVdNd3BFU1JlZlBacTE0UkRmTHI; _sp_ses.4563=*; _sp_id.4563=0df3c25b-7b8b-4d7a-b2e2-160518d69597.1675908421.1.1675908421..99c26dc6-0a63-49e1-a5db-43cd5b021fa8..da6679dc-ffe2-46fc-aec8-55680fc37019.1675908420647.2; utm_source=publisher; utm_medium=cpc; utm_campaign=Leadbit-CPL; utm_content=103253; utid=63E454F47EED7B14FD07B699; publisher_name=Leadbit-CPL; publisher_click_id=63E454F47EED7B14FD07B699; query_params_json=W3sia2V5IjoidXRtX3NvdXJjZSIsInZhbHVlIjoicHVibGlzaGVyIn0seyJrZXkiOiJ1dG1fbWVkaXVtIiwidmFsdWUiOiJjcGMifSx7ImtleSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiTGVhZGJpdC1DUEwifSx7ImtleSI6InV0aWQiLCJ2YWx1ZSI6IjYzRTQ1NEY0N0VFRDdCMTRGRDA3QjY5OSJ9LHsia2V5IjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IjEwMzI1MyJ9XQ%3D%3D; sp=573e1315-901e-45f6-9afa-3fd97b62aa44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=573e1315-901e-45f6-9afa-3fd97b62aa44; Expires=Fri, 09 Feb 2024 02:06:04 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2

page.widget.zalo.me/static/js/cphandler.js

49.213.114.167

200 OK

2.3 kB

URL HTTP/2
page.widget.zalo.me/static/js/cphandler.js
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2279 bytes)
Hash
e02df3ae5979d6de788855361ac9bbda
31e91f3c2fc467f95fe9a55206a39d554c41e005
2ba7f537cfd492f21b02ee954827b8db82ceaac1699695f5b1c3719d4dc07207

HTTP Headers

GET /static/js/cphandler.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 2279
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

page.widget.zalo.me/static/js/zinit.js?v5

49.213.114.167

200 OK

900 B

URL HTTP/2
page.widget.zalo.me/static/js/zinit.js?v5
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
ASCII text
Size
900 B (900 bytes)
Hash
562ebdb09ae3d87ce07b643e4e23b5d5
897f82c06b6f72452ff474bd14c27ba4460fed7c
c2139788118e243dc0c322959e5404b29ba73fbee0605c890fda2dc37d1ef764

HTTP Headers

GET /static/js/zinit.js?v5 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 900
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1

178.250.0.157

200 OK

8.2 kB

URL HTTP/2
gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with very long lines (20644)
Size
8.2 kB (8200 bytes)
Hash
218a3c7497a1b3576dbc2537985eb593
00e29649c0ccf67d34223e0447579f037e678aef
61609b7847dac446c02194fa8e8c19dd0285b0ea77fd936850bd12419b26eb1c

HTTP Headers

GET /sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1531972
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png

54.230.111.7

200 OK

6.8 kB

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
91d673117e2a381f4f31bcfea2defd05
802fbc599fae6d5e85e8c26069c9866390aea81c
2406055062edbe53407e63e3949ab4f4d945c5d2be748171163cab174464fc15

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 6840
date: Tue, 24 Jan 2023 01:50:35 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "91d673117e2a381f4f31bcfea2defd05"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: qsphhL6ln.fw2lXhI0Z..SLYKZVg1SFv
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1383330
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IRndBq9nYSPPkyF-B27YFEp0qD0Cjjy7f4qtn9-j6RZE0yJ43ZovsA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png

54.230.111.7

200 OK

546 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
546 B (546 bytes)
Hash
8d3b64a42ca66fa9345e360b54a50059
c427d4a18ac2b9ca6b8a57e6e86c9293d424eb61
0797988ad3ff6e5a9818ec8637d60b6fbc67525cdf7eabbe38e78e7443c03f9a

HTTP Headers

GET /6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 546
date: Tue, 31 Jan 2023 05:53:01 GMT
last-modified: Tue, 14 Dec 2021 20:01:23 GMT
etag: "8d3b64a42ca66fa9345e360b54a50059"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 8MwK.0QGsjy.IVILxs2yFuZY6K_Dd3IJ
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 763984
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JS4lZyES8sv82hKuapmDzZ_6ocgNn94SIRhSkmzqEDtaAoKYQQoKXg==
X-Firefox-Spdy: h2

vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

54.230.111.85

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP
54.230.111.85:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1034 bytes)
Hash
112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb

HTTP Headers

GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kJPkuzgGzfjBHmQA4aYL0B6Itnb_OKY4ynis5si71lGMHpMvL3mr-w==
age: 478559
X-Firefox-Spdy: h2

script.hotjar.com/modules.14cb8958c3e3566a4606.js

54.230.111.93

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.14cb8958c3e3566a4606.js
IP
54.230.111.93:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48770)
Size
68 kB (68072 bytes)
Hash
5331176444d8700436c501005f6a0731
d0f73de83bc0720ec98240ab04878a317491d640
07c3a5946b698fa789f6f4f6924761ffbc6808e145cba46c657092f9b36fee8a

HTTP Headers

GET /modules.14cb8958c3e3566a4606.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68072
date: Wed, 08 Feb 2023 15:48:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5331176444d8700436c501005f6a0731"
last-modified: Wed, 08 Feb 2023 15:47:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jvYn6uxNTpYVS0KCf9FUfF6_-WDgdQJ5vrHbKWgy9P9QB8eX_cOcLA==
age: 37079
X-Firefox-Spdy: h2

za.zdn.vn/v3/za.js

120.138.69.5

200 OK

7.9 kB

URL HTTP/2
za.zdn.vn/v3/za.js
IP
120.138.69.5:0
ASN
#38244 VNG Corporation

File type
ASCII text, with very long lines (20288)
Size
7.9 kB (7910 bytes)
Hash
f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9

HTTP Headers

GET /v3/za.js HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 7910
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
etag: W/"61dbf878-4f41"
content-encoding: gzip
age: 372
access-control-allow-origin: *
X-Firefox-Spdy: h2

za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093

49.213.114.149

200 OK

0 B

URL HTTP/2
za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093
IP
49.213.114.149:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093 HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-length: 0
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2

za.zalo.me/v3/w/t

49.213.114.149

200 OK

193 B

URL HTTP/2
za.zalo.me/v3/w/t
IP
49.213.114.149:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , ASCII text, with no line terminators
Size
193 B (193 bytes)
Hash
8e5df1e602d5b7fd56d35bca3f8b8cc2
00a9a487f3d42adefc118f2d21b5157c15fc7302
c7b9e19e7a9acde205b2ce2463e8bba0d867cd480b951332121022d445891a42

HTTP Headers

POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 316
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json; charset=utf-8
content-length: 193
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
set-cookie: __zi=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1;Path=/;Domain=zalo.me;Expires=Wed, 29-Jan-2025 02:06:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2

jeffvn.pushengage.com/dialog.css

54.174.94.80

200 OK

5.6 kB

URL HTTP/2
jeffvn.pushengage.com/dialog.css
IP
54.174.94.80:0
ASN
#14618 AMAZON-AES

File type
data
Size
5.6 kB (5593 bytes)
Hash
e51ac43b3b8fa254365daacb101ac303
325fb8e0d92b46c6ac7345811c7fff82d73f7b6f
0ee366f6753f2d2f3623d4342e705a956ed010a5cf7c13cf78e59b1afabba84d

HTTP Headers

GET /dialog.css HTTP/1.1
Host: jeffvn.pushengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css;charset=UTF-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

za.zalo.me/v3/w/t

49.213.114.149

200 OK

177 B

URL HTTP/2
za.zalo.me/v3/w/t
IP
49.213.114.149:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , ASCII text, with no line terminators
Size
177 B (177 bytes)
Hash
b18a368545ef60890666b9b22b9550a1
0b6f1636c13ed99af0119c45e6f1b0b617368862
59a0dd8dedf9fe4ac50ba7008001c934df5f5ac2348f6f7358793a6fb2519c89

HTTP Headers

POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 585
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json; charset=utf-8
content-length: 177
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
set-cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1;Path=/;Domain=zalo.me;Expires=Wed, 29-Jan-2025 02:06:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Last-Modified: Thu, 09 Feb 2023 00:20:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: h2hMnU6aZXz26JTlDCSv6CtDI4XcDZJ0xinke3ZIhxV6f8JPjSHBJHhVrm4KKFoWIwihjWUQ2rXs8RULTr9kjQ==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

page.widget.zalo.me/static/locales/vi/translation.json

49.213.114.167

200 OK

1.0 kB

URL HTTP/2
page.widget.zalo.me/static/locales/vi/translation.json
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , Unicode text, UTF-8 text
Size
1.0 kB (1037 bytes)
Hash
d9b26a1e67f11e3bcc219a2d7b4c9df3
fc758dc7f8d34a1fed11b19073c08f61f396981e
4d4a458ed10c41e81e1abd276d9649ac4ed0a3ec26b140725c554313ab6cce0a

HTTP Headers

GET /static/locales/vi/translation.json HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Connection: keep-alive
Cookie: __zi=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json
content-length: 1037
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

12 kB

URL HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Size
12 kB (11552 bytes)
Hash
4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97C8BC2E84594E3FA0E3E70352CDB91C Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Last-Modified: Thu, 09 Feb 2023 00:20:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/signals/plugins/identity.js?v=2.9.95

31.13.72.12

200 OK

21 kB

URL HTTP/2
connect.facebook.net/signals/plugins/identity.js?v=2.9.95
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (60008)
Size
21 kB (20722 bytes)
Hash
4ab212d67df0d744f74a6f6a257b2653
7844504c6b52741b4467b98856b2da4d2e276630
6b5ed11f9d9bfad094e0177b6339804dbdccfece80ea0636343349543ca69c63

HTTP Headers

GET /signals/plugins/identity.js?v=2.9.95 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EbWYiC/DkilcF80H2sB9o6nnfwAcuI+yz8Zoe8JvhDJtFdqgpmkUYMaUoX3uVFc8JUMVhrirTwg+4AlTJzU2VA==
priority: u=3,i
content-length: 20722
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=&lt=3203&evt=pageLoad&sv=1&rn=64035

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=&lt=3203&evt=pageLoad&sv=1&rn=64035
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=&lt=3203&evt=pageLoad&sv=1&rn=64035 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1ACBE9807D406B2F0628FB337C176AED; domain=.bing.com; expires=Tue, 05-Mar-2024 02:06:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCFB41F21E5349F0918A4E676324416A Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2

bat.bing.com/p/action/149005296.js

13.107.21.200

200 OK

1.5 kB

URL HTTP/2
bat.bing.com/p/action/149005296.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1498 bytes)
Hash
739c33a2c4a195f346b141d526747a53
ef850382c38799130e2646b84e3a7b7e72efa74b
f2a2e722c1a80cc3a085a319af1a6e95d229c3fad9e7dc8b1a8c1aa9d2889c5e

HTTP Headers

GET /p/action/149005296.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1498
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D75F7BE57A364DFC8140DA5A880A97E6 Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f48f5af6c6f7f29ec5818d38b1ec633b
1fdafc01b4ace0cb414124d26aef7d30beb0ca4f
994b69b40573d29ee40cd8dd6538f77c1140f2386fbc7ef46e5665162a782085

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Etag: "63e34f96-1d7"
Server: ECS (amb/6BA9)
Content-Length: 471

www.facebook.com/tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 02:06:06 GMT
X-Firefox-Spdy: h2

px.dmp.zaloapp.com/static/zdmp_tr_px.js

49.213.114.180

200 OK

2.6 kB

URL HTTP/2
px.dmp.zaloapp.com/static/zdmp_tr_px.js
IP
49.213.114.180:0
ASN
#38244 VNG Corporation

File type
ASCII text, with very long lines (2647), with no line terminators
Size
2.6 kB (2647 bytes)
Hash
3ef744e78aeed6156b780503bd74bb97
5f2ea6ef1c85a8b0e01896f0a72e38e4a7ee9ece
0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6

HTTP Headers

GET /static/zdmp_tr_px.js HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:06 GMT
content-type: application/javascript
content-length: 2647
last-modified: Tue, 27 Dec 2022 07:33:52 GMT
etag: "63aa9fe0-a57"
accept-ranges: bytes
server: za-ngx-srv
cache-control: no-cache, max-age=0
X-Firefox-Spdy: h2

d.clarity.ms/collect

40.76.174.66

204 No Content

0 B

URL HTTP/2
d.clarity.ms/collect
IP
40.76.174.66:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43074
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Thu, 09 Feb 2023 02:06:06 GMT
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 01:44:06 GMT
expires: Thu, 09 Feb 2023 03:44:06 GMT
cache-control: public, max-age=7200
age: 1321
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

40.69.95.108

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
40.69.95.108:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=265BD2E54FA86A1E1652C0564BA864D9; domain=.clarity.ms; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 09 Feb 2023 02:06:07 GMT
content-length: 0
X-Firefox-Spdy: h2

api.widget.zalo.me/v1/zuser

49.213.114.167

200 OK

57 B

URL HTTP/2
api.widget.zalo.me/v1/zuser
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
3e9590827921ed67322cbbfcdb754ff1
392279ecefe6f8f88aa223e79206e65891249883
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18

HTTP Headers

GET /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: text/json;charset=utf-8
content-length: 57
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

api.widget.zalo.me/v1/oa?oaid=1841675626203250178

49.213.114.167

200 OK

564 B

URL HTTP/2
api.widget.zalo.me/v1/oa?oaid=1841675626203250178
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (557), with no line terminators
Size
564 B (564 bytes)
Hash
f3dcee426105f92a31c0432edca1af3e
bf263012b0928fe2b5fa86e87c1bd4dd5c87e319
ac0e834de60cb3e4210b85853319150e0206a13cefc8d95cee0400b9961f2319

HTTP Headers

GET /v1/oa?oaid=1841675626203250178 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: 64d329381ac6a81d374ad4ca4945bb228a2875ea391f14a90e47d511a6b05a7c
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: text/json;charset=utf-8
content-length: 564
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425&gtm=45je3280&aip=1&z=361173906

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425&gtm=45je3280&aip=1&z=361173906
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425&gtm=45je3280&aip=1&z=361173906 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=1DEB1CDF811061BB100E0E6C8047607B; domain=.bing.com; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Thu, 16-Feb-2023 02:06:07 GMT; path=/; SameSite=None; Secure;
SRM_B=1DEB1CDF811061BB100E0E6C8047607B; domain=c.bing.com; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C3CDFB8CA884232A4DAFCD45EBE933C Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:07Z
date: Thu, 09 Feb 2023 02:06:06 GMT
content-length: 0
X-Firefox-Spdy: h2

app.jeff.vn/embeddable-scripts/webflow/global.js

54.230.111.57

200 OK

48 kB

URL HTTP/2
app.jeff.vn/embeddable-scripts/webflow/global.js
IP
54.230.111.57:0
ASN
#16509 AMAZON-02

File type
data
Size
48 kB (47738 bytes)
Hash
90bb5058825a181fd0ce1a78cbacae1a
4255b5a09ab7ee4a3a4f96c41fdf0ab8a4eb8fae
5cf6beffc64b6b7446fa3dcfa412db6df2d020776f0ad6c04e71fa4c4834120e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /embeddable-scripts/webflow/global.js HTTP/1.1
Host: app.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Feb 2023 02:06:03 GMT
set-cookie: AWSALB=rv0+PjcXWqDqLKE4xMF5Qdq0h4+HlHYUA7azRyxLmCaIqiPEYaiFFGsvGLt+1E4JjDwMX4Hxwk9o8r9SBw6qoUGtanozNqUMqRIwVZzvHgIxAKp+8l/6IglnYcbY; Expires=Thu, 16 Feb 2023 02:06:03 GMT; Path=/
AWSALBCORS=rv0+PjcXWqDqLKE4xMF5Qdq0h4+HlHYUA7azRyxLmCaIqiPEYaiFFGsvGLt+1E4JjDwMX4Hxwk9o8r9SBw6qoUGtanozNqUMqRIwVZzvHgIxAKp+8l/6IglnYcbY; Expires=Thu, 16 Feb 2023 02:06:03 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 08 Feb 2023 13:04:29 GMT
etag: W/"19c04-1863120a748"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TA_RXi_NkTlUVhTIkoav9BGzfw-11RcrbNWEY_RVPdSMsC9k5hkWxw==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Size
12 kB (11800 bytes)
Hash
e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 00:55:59 GMT
expires: Mon, 05 Feb 2024 00:55:59 GMT
cache-control: public, max-age=31536000
age: 349808
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 273847
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:50:08 GMT
expires: Wed, 07 Feb 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 126959
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912

173.194.222.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912
IP
173.194.222.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.jeff.vn
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

216.58.207.227

200 OK

5.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5604, version 1.0\012- data
Size
5.6 kB (5604 bytes)
Hash
7cda2cfee99d697daf8c14819d9004eb
76f4002863493c93454a9f17424942f321287cba
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:15 GMT
expires: Sat, 03 Feb 2024 10:14:15 GMT
cache-control: public, max-age=31536000
age: 489112
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

216.58.207.227

200 OK

5.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Size
5.6 kB (5560 bytes)
Hash
ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:11:32 GMT
expires: Tue, 06 Feb 2024 17:11:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
age: 204875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B

40.69.95.108

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B
IP
40.69.95.108:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 30 Jan 2023 17:32:34 GMT
accept-ranges: bytes
etag: "c9e6d3d6d034d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 09-Feb-2023 02:16:07 GMT; path=/; SameSite=None; Secure;
date: Thu, 09 Feb 2023 02:06:07 GMT
content-length: 42
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

page.widget.zalo.me/static/images/2.0/Logo.svg

49.213.114.167

200 OK

1.3 kB

URL HTTP/2
page.widget.zalo.me/static/images/2.0/Logo.svg
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (696)
Size
1.3 kB (1343 bytes)
Hash
311478921d5ccfd5f26fdc6776a2c45a
6d42312fd69c96c77d7fc7104c943f4c8292e0c4
6dca0db9475a15c27d0f49161912ca1dd402f9094f71063aa3b34d8dce24b781

HTTP Headers

GET /static/images/2.0/Logo.svg HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: image/svg+xml
content-length: 1343
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq

49.213.114.149

200 OK

145 B

URL HTTP/2
za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
IP
49.213.114.149:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
f5da855cdae9a298839a93c5acaf3f95
bebb47b0afc8803512c5df65ea61b91943d612e9
c59a32662f19e3fdabbc53801ed36cb32f071be806efba49d6f809b3325332d1

HTTP Headers

GET /gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 145
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2

za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq

49.213.114.149

200 OK

145 B

URL HTTP/2
za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
IP
49.213.114.149:0
ASN
#38244 VNG Corporation

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
5f9ebfaefa1ee873d1f153cefef230bb
57d9c18787e21d224dc4931359abb99529c1bd2e
9d81347b4ae62853106065c0c5dbbcb22707095bcd1314d7cd16421567521664

HTTP Headers

GET /gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 145
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7RLV1ZQ10L&gtm=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type=

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7RLV1ZQ10L&gtm=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type=
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7RLV1ZQ10L&gtm=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.jeff.vn
date: Thu, 09 Feb 2023 02:06:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2

49.213.114.167

200 OK

169 kB

URL HTTP/2
page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

HTTP Headers

GET /static/css/fa/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: font/woff2
content-length: 168768
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

d.clarity.ms/collect

40.76.174.66

204 No Content

0 B

URL HTTP/2
d.clarity.ms/collect
IP
40.76.174.66:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2414
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Thu, 09 Feb 2023 02:06:07 GMT
X-Firefox-Spdy: h2

page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2

49.213.114.167

200 OK

184 kB

URL HTTP/2
page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type
Web Open Font Format (Version 2), TrueType, length 184144, version 331.-31261\012- data
Size
184 kB (184144 bytes)
Hash
de11da0fb48a14c9cbc05b0a24ed6efa
878cd08a06b335d95826e813e0a8777e28a76d04
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

HTTP Headers

GET /static/css/fa/webfonts/fa-light-300.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: font/woff2
content-length: 184144
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
92614511b9517837c40caf0ce4fbc24b
86a00f4962b506759d0e1cabd6d3e8227d3b9d03
41ed474cf2cc2d53567fdb9d71ec48ae758c87d2e050eb3c31d727adf9566038

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:08 GMT
Etag: "63e311cc-1d7"
Last-Modified: Thu, 09 Feb 2023 02:02:59 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
92614511b9517837c40caf0ce4fbc24b
86a00f4962b506759d0e1cabd6d3e8227d3b9d03
41ed474cf2cc2d53567fdb9d71ec48ae758c87d2e050eb3c31d727adf9566038

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:08 GMT
Etag: "63e311cc-1d7"
Server: ECS (amb/6BAE)
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4d073744e577ad7a2c1d98e7bbf84579
5175f2911a6146f9ef34e4cf63a2759a909f495f
03131e129f9f80a6658e4a07602bc41c14af2b3bf721feba26e47103f8b954b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2232
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:09 GMT
Last-Modified: Thu, 09 Feb 2023 01:28:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

s160-ava-talk.zadn.vn/0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg

103.39.92.104

200 OK

3.5 kB

URL HTTP/2
s160-ava-talk.zadn.vn/0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg
IP
103.39.92.104:0
ASN
#18403 FPT Telecom Company

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, components 3\012- data
Size
3.5 kB (3526 bytes)
Hash
45c97814123e963fba9b7cbe31af7c2d
c7a1c6ced7ba62447cc8743d02982167ede52ae0
e2af94f1179813bed9fd382a0b23a359da83774374c39133d6b434af30d3f36a

HTTP Headers

GET /0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg HTTP/1.1
Host: s160-ava-talk.zadn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
cache-control: max-age=7776000,no-transform
expires: Wed, 10 May 2023 02:06:09 GMT
date: Thu, 09 Feb 2023 02:06:09 GMT
last-modified: Thu, 09 Feb 2023 02:06:09 GMT
x-cache-status: HIT
age: 7432715
content-length: 3526
content-type: image/jpg
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 17 Jan 2023 01:14:52 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0b0444d559b753b01769d338e8e6b725"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YtxyRj6nwilAX9Q.ecsWds7UwrywbMpz
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1990271
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PTcKonFnSmQ3JGnEaCuAM7t2wNwI9z4PO1kVVneeaFdoeC-79nqwsw==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 20 Jan 2023 02:00:42 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"312f73f9d116b50e2aa65bea96d932a0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: gZE.0bXdriCNJlCWYrhY_XehgFydewEt
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1728321
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gh2l8JbjjGib3dAa_zwNUAIft3JrefM1S7RPj0VMBkn_d1ZttVYmZg==
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?topUrl=www.jeff.vn&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d04fe763-44ec-4eb3-a120-9ac0d1443e86; expires=Tue, 05 Mar 2024 02:06:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 585584
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

widget.chat.zalo.me/login-tab?oaId=1841675626203250178

49.213.78.128

200 OK

0 B

URL HTTP/2
widget.chat.zalo.me/login-tab?oaId=1841675626203250178
IP
49.213.78.128:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login-tab?oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: b696aca350238a6e2ec799d562008fbc446b67d4e542a45f3480bcaf200cff27
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:09 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: zoaw_sek=piMJ.1114316169.0.plyDK1Z7HOsHsYxF6CT5ZHZ7HOqOnqMD6TSGQNkuHOq;Domain=.zalo.me;Expires=Thu, 16-Feb-2023 02:06:09 GMT;HttpOnly; Secure; SameSite=None; Secure; SameSite=None
zoaw_type=0;Domain=.zalo.me;Expires=Thu, 16-Feb-2023 02:06:09 GMT; Secure; SameSite=None
content-encoding: gzip
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

sp.zalo.me/plugins/sdk.js

49.213.114.132

200 OK

0 B

URL HTTP/2
sp.zalo.me/plugins/sdk.js
IP
49.213.114.132:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /plugins/sdk.js HTTP/1.1
Host: sp.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: text/javascript;charset=utf-8
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 05 Jan 2023 09:13:59 GMT
last-modified: Mon, 20 Dec 2021 18:53:28 GMT
etag: W/"fac34ae20c20c5797b16e98a6037501e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: XtJG1xIfC3_oAEC_jmId_Ai9gImM0CTR
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2998324
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q5nX5CYBu-mFwLs4IkkGAoP6y9AX7qKQXCM0xu7GC3CsNoCTzP_88A==
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.197

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.197:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 130615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/config/504317807104934?v=2.9.95&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8TXTU916IEhbRzZgT4Oe4mOrnqzCNlG+W1M8ubFyUIl9RVdpgA7w/+durOJ0+Fu9FUFeer0ISaPjiCGIDuvBYw==
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.widget.zalo.me/v1/oa?oaid=1841675626203250178

49.213.114.167

200 OK

0 B

URL HTTP/2
api.widget.zalo.me/v1/oa?oaid=1841675626203250178
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /v1/oa?oaid=1841675626203250178 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

dynamic.criteo.com/js/ld/ld.js?a=98165

178.250.2.140

200 OK

0 B

URL HTTP/2
dynamic.criteo.com/js/ld/ld.js?a=98165
IP
178.250.2.140:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/ld.js?a=98165 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css

49.213.114.167

200 OK

0 B

URL HTTP/2
page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/static/css/main.607e1b85.chunk.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

49.213.114.167

200 OK

0 B

URL HTTP/2
page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/static/js/2.7b346dac.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

api.widget.zalo.me/v1/zuser

49.213.114.167

200 OK

0 B

URL HTTP/2
api.widget.zalo.me/v1/zuser
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

widget.chat.zalo.me/login-tab?oaId=1841675626203250178

49.213.78.128

200 OK

0 B

URL HTTP/2
widget.chat.zalo.me/login-tab?oaId=1841675626203250178
IP
49.213.78.128:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /login-tab?oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:08 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js

49.213.114.167

200 OK

0 B

URL HTTP/2
page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/static/js/main.bdb050eb.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 56280
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Tue, 28 Dec 2021 13:07:22 GMT
etag: "fa2f152f3312a6219fb10009bca34887"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: SJHHdOpxgJ.VgsKdWg86y184WhZx8n5Y
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2681057
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1Wk85xfE3dfcy_YWBXZ98jlXOOdvcR9NgmCncdLVEFxO8Xeri6CyFg==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 17 Jan 2023 01:14:52 GMT
last-modified: Tue, 14 Dec 2021 19:29:25 GMT
etag: W/"3ab8863711cd31b29be9ac7c209a322d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Qbfc7DfZevSEAcMikzhL8QhJlEf3FCGK
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1990271
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UElEoBYQkJWO9BmVlLFBHdQI5-Et7nHVdBQp8JlukDsdYC09yNBQTA==
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2616020.js?sv=7

54.230.111.113

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-2616020.js?sv=7
IP
54.230.111.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-2616020.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Feb 2023 02:06:04 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/be9c075a675aca50533432490876928b
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BvkipxZnkjLHG95iSdMjuhs1ZCAr-17ACcutQYToIFQeB5OECC_NtA==
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 13 Jan 2023 02:02:24 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0f94244582317ca88b6421fb8f818105"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: .ODokhEdtaoajcVnEF5GpcZpfn32ksNj
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2333019
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xwShE2kYeTe_60odarmCws_2ZXnHfufpbvFXSSuied_bkzFpwk5Gnw==
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.184

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.184:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112715
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js

54.230.111.71

200 OK

0 B

URL HTTP/2
clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js HTTP/1.1
Host: clientcdn.pushengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 09 Feb 2023 02:06:03 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6guH7DTGjnbYUDWSxrFp6RBvYrWTxNNgjdTnQGpuCC4Vf_qnPMuCZg==
X-Firefox-Spdy: h2

page.widget.zalo.me/static/css/fa/css/all.min.css

49.213.114.167

200 OK

0 B

URL HTTP/2
page.widget.zalo.me/static/css/fa/css/all.min.css
IP
49.213.114.167:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/fa/css/all.min.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg

54.230.111.7

200 OK

0 B

URL HTTP/2
assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 20 Jan 2023 00:36:03 GMT
last-modified: Thu, 14 Apr 2022 19:46:07 GMT
etag: W/"294148022ac8428de1511db3b5923568"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Ahcx4AKIE_naP6h4S1YItLgxflJXvFO4
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1733400
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ng_K5fdI-bJz1Sso7uFp60JX8VZdnAVUPeVvAKLKkJPDKFpRdIeuDQ==
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=mRVIRl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a05IVDZGbEJqdTVHTmFwWTRFRnVrYVQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M; expires=Tue, 05 Mar 2024 02:06:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 353209
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarity.ms/tag/uet/149005296

13.107.237.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/uet/149005296
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/uet/149005296 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=1c905391c1e54dbda700337cb8224031.20230209.20240209; expires=Fri, 09 Feb 2024 02:06:06 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DlXkYwAAAABhTmYngXrkQ6gr2+qK4dVhQ1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2

px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1

49.213.114.180

200 OK

0 B

URL HTTP/2
px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
IP
49.213.114.180:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1 HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0
pragma: no-cache
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178

49.213.78.128

200 OK

0 B

URL HTTP/2
widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178
IP
49.213.78.128:0
ASN
#38244 VNG Corporation

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:09 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML