r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3626
Expires: Thu, 09 Feb 2023 03:06:26 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11858
Expires: Thu, 09 Feb 2023 05:23:38 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 01:36:46 GMT
content-type: application/json
age: 1754
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19647
Expires: Thu, 09 Feb 2023 07:33:27 GMT
Date: Thu, 09 Feb 2023 02:06:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OxXTv46VcJpQFui9jxLsmGvxZJ2gCDAOr2M1MNNsupz36qOrXPT09s+lHGFdARHjjbohYM8xmshuneGWcBEC/Q==
x-amz-request-id: N37Q3X1FMSMKJ7YD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 01:36:10 GMT
age: 1790
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 02:06:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
18.167.223.92301 Moved Permanently 134 B URL HTTP/1.1 www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
IP 18.167.223.92:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert quad9 Sinkholed
GET /promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 HTTP/1.1
Host: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 09 Feb 2023 02:06:00 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.jeff.vn:443/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 01:14:53 GMT
age: 3068
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Thu, 09 Feb 2023 02:50:24 GMT
Date: Thu, 09 Feb 2023 02:06:01 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ba8a214e03b5842c43279e0999d44667
d39e01e97828a7dfeca29b596ecca9bf14ba83fb
b1c299566a944692c51711aac3479ec463815e45f770280d15ba5305d4704806
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:01 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tHaWBzhgxEDNS6liNtHxki1LkjaJVnBryGt97YeNTPyJtMPLgCzPlw==
push.services.mozilla.com/
44.235.159.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.235.159.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NRJM6ZQIMRVSrpwjNa1z6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0A/JvEi5zWaOzXYx86DjrglVGKA=
www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
43.198.49.214200 OK 11 kB URL HTTP/2 www.jeff.vn/promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253
IP 43.198.49.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24365)
Hash 98fc7421cfd3182cb92d224d3f5f7f74
a8e44a652f60fc3a80a560b465e9d5407af8d7fd
bc268cabda328ad1d6f5eab1590ff526e475ead2181a5f373405beeedd77f3c3
Analyzer Verdict Alert quad9 Sinkholed
GET /promo/affiliate/?utm_source=publisher&utm_medium=cpc&utm_campaign=Leadbit-CPL&utid=63E454F47EED7B14FD07B699&utm_content=103253 HTTP/1.1
Host: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: text/html
content-length: 11154
server: nginx/1.22.0
content-encoding: gzip
x-lambda-id: 4ebec50f-971d-4ba2-97fd-2593ac88ae00
accept-ranges: bytes
age: 43001
x-served-by: cache-iad-kiad7000103-IAD, cache-hnd18738-HND
x-cache: MISS, HIT
x-cache-hits: 0, 142
x-timer: S1675908362.202102,VS0,VE0
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: ap-northeast-1-prod-edge-blue
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
142.250.74.170200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:21:51 GMT
expires: Sat, 03 Feb 2024 10:21:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 488651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
54.230.111.7200 OK 805 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (673)
Hash 687cc2617c243d910f0743a3d8452c15
ffd777e7f45a8cd9d93d907d503d7cac8bb31e0d
dd6fe0fed6def1b676286a203da5c58d178152d29b73debcf8c8f4ed6e269079
GET /6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 805
date: Fri, 27 Jan 2023 02:31:06 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "687cc2617c243d910f0743a3d8452c15"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: taIhEQVhftJJ0orwE875uuRGTM0QSMm1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1121697
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dZWzi0rSIA_4rXySbfLUJZX1XQL3yod7rljADXohD6jB0pNDh1S1Kw==
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ
142.250.74.174200 OK 47 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ
IP 142.250.74.174:0
File type ASCII text, with very long lines (3215)
Hash e89f8de62b8f972f063d918bb5f267e9
4808b464afa85d9f151c0105d7dfd3fe71d02729
e5d7bb28d6d6498d551f8cc1eea62f91accef9538d9647f3b195d9368ba21f41
GET /optimize.js?id=OPT-MH82HZJ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
54.230.111.7200 OK 825 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (693)
Hash 210beff4c931452baacbe861bcdcb0ad
55a4ab7d9c1fc9e0bf43024dd599eb3628ac46da
b3dadf84bd14d47f74d4c3f09b51bc14881840c6264235050f333684d092dc43
GET /6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 825
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: "210beff4c931452baacbe861bcdcb0ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 2JF0_xUDqsL7IMoubtz07Y47rHK4VWFh
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2681057
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B5wwjYhhms0mOaI3SLIVlf7F-tACAYiJsVmpcBcKfSAuuyazSNSjbA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js
54.230.111.7200 OK 97 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js
IP 54.230.111.7:0
File type Unicode text, UTF-8 text, with very long lines (56368)
Hash b63fff218800c7656b8e454e97e74a0d
3a8820d1dc13ec66be88fbc2f5217ec60c905b24
d595a6bc5571a891fce28e9a1be78e44e992f22c264b0fa27611f2039269fd97
GET /6107d6546b656bffc909cd26/js/jeff-vn.65016b155.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 96664
last-modified: Mon, 06 Feb 2023 12:01:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: gRnc8CD30aLUSpI_swXvxUE6nsuziSd_
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: max-age=84600, must-revalidate
etag: "b63fff218800c7656b8e454e97e74a0d"
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 20230
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nygEH61hHUvPDt3mmW-fU9aLvQzjx6pgPj5qlLsNhd92lDi8sLFFDA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
54.230.111.7200 OK 78 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
IP 54.230.111.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 26da30b2f518f7d1dc730b6de3f30488
6e233395a93891f3bcc27d0f2559179ff08091f7
b639283e91d1ba38f2682431ac664f6b7c0dac9553cb3837e81782fe69b780f4
GET /6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 78493
last-modified: Tue, 07 Feb 2023 10:40:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: qF37ov9hyI1.MKK9dT4yt_8JEMazvyv.
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: max-age=84600, must-revalidate
etag: "26da30b2f518f7d1dc730b6de3f30488"
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 55879
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3KPAps3jHyQ3SLSumxwC9IJE687JRxD7HdBR3deWMH-tjN02ZPPXCA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ef17a68c77d3f30c049f15916fa92a6f
f5d35ca43f8ed49cc9f118b139c6277374680408
ccc54a44c20983853aa93b74cd87ecb1941429af41643fa66231923531359f0f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151632
Date: Thu, 09 Feb 2023 02:06:02 GMT
Etag: "63e4025a-1d7"
Expires: Fri, 10 Feb 2023 20:13:14 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r8mTHSXxsX--OQCrcJByR_e8HhyTNNDrs3y0IuBRIDBRlMnaP1D3IA==
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg
54.230.111.7200 OK 227 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 132803e121eda15d5ccef28fd978aa8d
ef25f693f8da50c320e359e2aa543cddf5e357d0
a1d700b570a88b6f465b0f856f336c4094dd5f923c479aba7e333f6486f727c3
GET /6107d6546b656bffc909cd26/6107d6546b656b7a9d09cd7a_check.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 227
date: Fri, 06 Jan 2023 04:50:34 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "132803e121eda15d5ccef28fd978aa8d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jQKr9IIYshh9y_Qgqj0xaw94_vVRCkz1
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2927729
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JC8HZbNNL87SisUTQdf2GhTMtz90IMnQVvZNbMYsoCXYL7LAyc7Lkg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png
54.230.111.7200 OK 532 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png
IP 54.230.111.7:0
File type PNG image data, 2500 x 1100, 8-bit colormap, non-interlaced\012- data
Size 532 kB (532056 bytes)
Hash e73105b5524c8dd9b38cda38b043e77e
3c973f19408a4b872dc32a5e2e9702af98e26502
84d2b7a6cda66d4954705e58aade6dd6a9c7c607463aab384608323084fe720d
GET /6107d6546b656b27d809cd54/6228b709c4c0960bf90d02fe_Frame%2048%20(2)%20(1).png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 532056
date: Tue, 17 Jan 2023 01:36:03 GMT
last-modified: Wed, 09 Mar 2022 14:17:46 GMT
etag: "e73105b5524c8dd9b38cda38b043e77e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: xDu3x.b.em7KhKz4hc4teH0iLw02vGbd
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1989000
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UoObomqmdpqaieGIQlr66K88J0puICgqzdkizrL9nYL2hgHn9Q3HxA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg
54.230.111.7200 OK 628 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (400)
Hash 459d66b59ffcc9910d65c5ccb22274ed
580a6fd926d85533b9e9b967980744aa11f6f2c0
15bc2f3cbc2276bc7893820a25e490418301eab5f020958c38b84fda6726a1e1
GET /6107d6546b656bffc909cd26/6107d6546b656babe309cd4f_2.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 628
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "459d66b59ffcc9910d65c5ccb22274ed"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: nPP.zDSTkA98QKUo4uRdUcTCHwHgoV1G
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2770742
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s_4gKIG_1F3bBHZRC_nx9A4mupd6IoK0cOb_3-hgU7XJOGX4xM1sHA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg
54.230.111.7200 OK 349 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash cb24497241ce2a3ccdef0664ea0b077f
2e19280399b8c5425b49c9d35200c0dea56a22ba
e0e04a518393790a90b1525d2c1a58568ca8fb409bd7b79e3b4f123e4b5d3ca1
GET /6107d6546b656bffc909cd26/6107d6546b656b466909cd4a_1.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 349
date: Thu, 05 Jan 2023 10:17:22 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "cb24497241ce2a3ccdef0664ea0b077f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jiyCO4iDNBm96yjl8q9n7YQDmMq9.Z8g
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2994521
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 90C_s3KBflYMk-KnbnTqiZAnVz51EFGArUhM2G1LT3GCjcwmK7brZQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg
54.230.111.7200 OK 888 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (660)
Hash 63e0f683d082f61b47299e7fd5a17559
a6fb47765826ac1dcf68303364c59465b3c0233b
efb636eb5e268b99f96898d11a1c1643ca6e6247b095a345fd7d9198cc4295b9
GET /6107d6546b656bffc909cd26/6107d6546b656b843f09cd4b_3.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 888
date: Mon, 23 Jan 2023 01:38:51 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "63e0f683d082f61b47299e7fd5a17559"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: u4h27iVgg7J0_MIUKJSkZNaLPDmwlL89
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1470432
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zbmmk5G9JLlrvSku5JVUxQSC7GhvnIv9OMdOZsOQ0e6SK3HiTbVcvw==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg
54.230.111.7200 OK 140 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg
IP 54.230.111.7:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1146x1974, components 3\012- data
Size 140 kB (140104 bytes)
Hash 8044e529d44882c2757dee105221a5ea
994e24144ed202ba20cf06a634c5ec6db5d99bc0
6c7c74df54748ca7a5405ad711d7f03caf71709a8d7fa804d7893848422082d1
GET /6107d6546b656bffc909cd26/6107d6546b656bca9d09cd95_cards-page2%20(1).jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 140104
date: Fri, 27 Jan 2023 02:31:06 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "8044e529d44882c2757dee105221a5ea"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 6F9vCv9qo.2Y_F.MbYtjo0s9_3RRRE6O
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1121697
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i5oNJ4crIXZ9MjPJSzGUnbGzi1cuatwcNP2icChQSpuR1nWc-KyylQ==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
54.230.111.7200 OK 840 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
IP 54.230.111.7:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (727)
Hash 96cccd078c557c41e24dbf89cfc55c3f
c48f20dba0ea44766e7f97dff5d5b6268c221355
99bcff24d6ab1a663beb6183974ff949662a1d420427e63687efefe42c53e795
GET /6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 11 Jan 2023 00:40:08 GMT
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
etag: W/"5edd93d3ac96637a6387b794ef6bd0ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: VP6TR.Hx58N3J68upyMni2nf3wXbty2o
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2510755
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DPmHCSadtRjoutYYSMiGVrwb-bxO-9QkfDDSgVskruUdcuuFB1T8og==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb10c8881f29d78b8d879cb7ace3ff07
995f646a0a8cbd7b2ae95f9166ea1c2276a26b78
bfa94003f1482133dd142c0a68bc4e6562f8e83ab613193911efb7219fd8f5bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA94003F1482133DD142C0A68BC4E6562F8E83AB613193911EFB7219FD8F5BC"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Thu, 09 Feb 2023 08:05:32 GMT
Date: Thu, 09 Feb 2023 02:06:02 GMT
Connection: keep-alive
assets-global.website-files.com/6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg
54.230.111.7200 OK 19 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg
IP 54.230.111.7:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 386x192, components 3\012- data
Hash aba3bdee30005a09facdfe51758288c0
9907e2fd84c155d8d58af33a0f535abcf12e520b
5e94e07f48832101b4a97b3e178c1ad1b976b6ec94852b9f92983f31af14846b
GET /6107d6546b656bffc909cd26/63e0ebd3ea7c876e6b15dd49_132838575177542222_b099aacca88b62d53b9a%20(1).jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18839
date: Mon, 06 Feb 2023 20:20:57 GMT
last-modified: Mon, 06 Feb 2023 12:00:21 GMT
etag: "aba3bdee30005a09facdfe51758288c0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: PnAMewV2R3JobV8.30faz0sJpfzgrq8T
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 193506
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wUkgqLw17Od65H4ILAXVFwqSaEP_HJqGPqWxJwoGiCnm6uc2GCALAg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png
54.230.111.7200 OK 3.8 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png
IP 54.230.111.7:0
File type PNG image data, 177 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 4087d7a43fd6b27cd4233ed8e0987c8a
3b4dfd9c8ac2d0e9dbda0d00b62065b87f0bfdcd
cfb3e26e0bee20b23edfee49e5612266383098273c3d7771a1dacd9b2bf544d1
GET /6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3806
date: Sun, 08 Jan 2023 00:27:01 GMT
last-modified: Thu, 05 May 2022 19:39:01 GMT
etag: "4087d7a43fd6b27cd4233ed8e0987c8a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: ADdfUhhjzdLDlFsi6hU7lEUEw.BBUsSo
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2770742
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p8b6nCLO2OWopFfaLN1axKgh6-PgEMrqit-xp-i9rFik-VpKiNE2_Q==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
216.58.207.200200 OK 86 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
IP 216.58.207.200:0
File type ASCII text, with very long lines (39457)
Hash 8a9f24eb702ace046c8fb48ee508535d
ddc640e4b7be447b72047e0ec7e08d0d322165c3
c21a735cdc05e4f1c9c53186beb4f748edb581fca64fa548f6227b30d2814a46
GET /gtm.js?id=GTM-WJM8NRK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Thu, 09 Feb 2023 02:06:02 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 00:33:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.jeff-app.com/scripts/CalcContainer.js
34.159.75.132200 OK 1.2 kB URL HTTP/2 static.jeff-app.com/scripts/CalcContainer.js
IP 34.159.75.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 82ac2616e1d69dcd0f361dfa507de7cd
d8326f681a684a8302cddbcb7085373ee531a1ff
30d47546bd8f1370fc73cb343f4519f26feb84b140207ccda165177f8679f21e
GET /scripts/CalcContainer.js HTTP/1.1
Host: static.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 67869
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 08 Feb 2023 07:14:53 GMT
etag: "82e75acb51f12449f646f6a530c76cd5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GRSYRCKGRPTVW44DWCY9D1B7
content-length: 1198
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21024, version 1.0\012- data
Hash bfc3d01c79dc38b019fe1cd09c1033ed
5ff4586eb711d84c1b0fb66c7e2f6829457588b0
5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 19:57:54 GMT
expires: Thu, 08 Feb 2024 19:57:54 GMT
cache-control: public, max-age=31536000
age: 22088
last-modified: Tue, 19 Apr 2022 18:08:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20840, version 1.0\012- data
Hash 94caeafec8be6e13f12871d82c760e08
c474b99c4d820c33280983aabdade7498af82297
39f71bd192fef15e3ff9ed3e4ab1c336d6019d97e5a2b7cdcfb136176597c52b
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 00:59:52 GMT
expires: Fri, 09 Feb 2024 00:59:52 GMT
cache-control: public, max-age=31536000
age: 3970
last-modified: Tue, 19 Apr 2022 18:05:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20136, version 1.0\012- data
Hash 74b2666cbba90c8f90a1fa4d2a0f98b7
d67ad16e9989c3af159a0870b909e0ae37f18c33
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82
GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:15:50 GMT
expires: Sat, 03 Feb 2024 02:15:50 GMT
cache-control: public, max-age=31536000
age: 517812
last-modified: Tue, 19 Apr 2022 18:13:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12332, version 1.0\012- data
Hash 68f359110ddbab73367a98d657ad3ca6
22c9a18d7a470109b24124736b95f479aa152593
16f7f28cd79e331da4b267c4d9a440a07490d687037645987ea93a68edd9e11d
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 01:29:53 GMT
expires: Sun, 04 Feb 2024 01:29:53 GMT
cache-control: public, max-age=31536000
age: 434169
last-modified: Tue, 19 Apr 2022 18:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20816, version 1.0\012- data
Hash c89fa3b7b7560a9cc924364c3651fc21
0d36d701b1b9158145f5167799533f5f21a6c314
5fdd06615194a9a10ddc8b928c428e2dbb2b20ed70dfcafe40de89cddaf61f12
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:18:58 GMT
expires: Sat, 03 Feb 2024 02:18:58 GMT
cache-control: public, max-age=31536000
age: 517624
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
54.230.245.192200 OK 41 kB URL HTTP/2 d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
IP 54.230.245.192:0
File type ASCII text, with very long lines (65451)
Hash 4c878dc8f3d9f5435913a9231649ba39
86ace6ead00c010e9b59813f26401aed0c80e996
48c6f1f68945e0288f7e7a51e82b9714ad9b334e4c99e8879651fc21c86fbd3f
GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Wed, 08 Feb 2023 05:05:52 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
age: 75641
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m2UiXs0xleRgFSlm7-qjZuWISmEXQ-tS3pRAcAnpViqWYp_MRFn6QQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12132, version 1.0\012- data
Hash d8c3fbd445568cc3464a7b83715eb02f
8fadbd8de214b29c7791b720e50cf3485ed06784
a26854f297793040b3587a207fbbaac3b61c4b4aaefda33b720e920251896a33
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 19:14:50 GMT
expires: Tue, 06 Feb 2024 19:14:50 GMT
cache-control: public, max-age=31536000
age: 197472
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11100, version 1.0\012- data
Hash 891506a586c32ab1d43857d6455c9f9e
f32fa2f4d6e69a1796b9adebb837b23e2b52c79b
d0f14805c4f59ff808400de351404874309171b89d378b87de32719d04810b49
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 10:29:51 GMT
expires: Wed, 07 Feb 2024 10:29:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:12:02 GMT
content-type: font/woff2
age: 142571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Hash feac5a03593138287f348533d7864f85
a6c0ba2cc99810388b245048d88d619b8d6bdf16
a7cc6e59d8515b32c8a24943605545663453210ed0f51005e6f259224d4c35a4
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 15:44:57 GMT
expires: Fri, 02 Feb 2024 15:44:57 GMT
cache-control: public, max-age=31536000
age: 555665
last-modified: Tue, 19 Apr 2022 18:06:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11176, version 1.0\012- data
Hash 1fb73ebec7849f13b133f22fa96a1956
3d1bfb246b36da591fb64147941f2141870d1733
fe0e476d081283bccd12deb3adf743da1a7b9b05ec96b9cfab3a300c29430069
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 00:44:52 GMT
expires: Tue, 06 Feb 2024 00:44:52 GMT
cache-control: public, max-age=31536000
age: 264070
last-modified: Tue, 19 Apr 2022 18:06:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21208, version 1.0\012- data
Hash 74f93ec1a48da90748c0be825f5d5e91
2c5f5bc8dbb17f0599726820e09c4b6383bdc25d
9a6403be855cf28f8fc7eb0ec377f8fe84e4508da830f6a1cffe96040d3c48ec
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:44:53 GMT
expires: Sat, 03 Feb 2024 03:44:53 GMT
cache-control: public, max-age=31536000
age: 512469
last-modified: Tue, 19 Apr 2022 18:14:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12352, version 1.0\012- data
Hash 2ca7d93b0f3cf6fb8acc7a57cfb855a9
4862b5d3df3b4b1e343fa1f72ecaf23bbe4c4130
5c74d26fa05df23036cb8406bc0f4f719d0004fd0fd671304286dee3c68f781e
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 03:44:53 GMT
expires: Sat, 03 Feb 2024 03:44:53 GMT
cache-control: public, max-age=31536000
age: 512469
last-modified: Tue, 19 Apr 2022 18:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20640, version 1.0\012- data
Hash bb55f11c4c165aff6990136ead59fc1d
411672d0fd1e86b6024ab44ec7ee5c21b91816eb
ee0eab7c78914d952b5119684d1aed29aec2707fe7cc1b1bb75771fe87ca68b4
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 11:35:07 GMT
expires: Thu, 08 Feb 2024 11:35:07 GMT
cache-control: public, max-age=31536000
age: 52255
last-modified: Tue, 19 Apr 2022 18:10:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11812, version 1.0\012- data
Hash 36c89462b574e7b2fb7eec0b957ba664
e051822b0746088706225243c3a4b5d1d18cdbe8
5089932a425db8912573a4808c785d2881ce9089791752eccd8d5d839c212acf
GET /s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 02:06:02 GMT
expires: Fri, 09 Feb 2024 02:06:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:09:11 GMT
content-type: font/woff2
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12644, version 1.0\012- data
Hash 1b27fe1cd212141ee05bd77bb3fb5698
d064c66e6ebf640f615009690fcc44bf7385e832
6763cceefa8d31d62ac72ff2ac0dfe4ea30215fead28d7afebe5ca01cf1d9221
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 12:29:07 GMT
expires: Fri, 02 Feb 2024 12:29:07 GMT
cache-control: public, max-age=31536000
age: 567415
last-modified: Tue, 19 Apr 2022 18:05:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11412, version 1.0\012- data
Hash f0e8bb3cc78f81dd7e7b76a3b737f136
cb799376b9de709d13f2616f7ce9e38dc4c5b7c9
ce776e36ca591b5ae2ac1ef88f220a13dff461eb4ec3c2994d789853165effa6
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 11:29:39 GMT
expires: Sat, 03 Feb 2024 11:29:39 GMT
cache-control: public, max-age=31536000
age: 484583
last-modified: Tue, 19 Apr 2022 18:15:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8254
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:02 GMT
Connection: keep-alive
fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20960, version 1.0\012- data
Hash 4b87ee4dbdebe6ccc27d78abdc1be4d0
bc5608fb2aa8f618123a243149c9503bf8353eed
68d5079784cb170ff863dd8ce87ab5b1562f78604fc6a58e364d79073339e09c
GET /s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 02:14:52 GMT
expires: Wed, 07 Feb 2024 02:14:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:06:16 GMT
content-type: font/woff2
age: 172270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 63707
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11f9f70f5e8af4de6d9fc5b9f50ccbe
753cb08c3f8c7c0750d113253790a08db01986bc
d4b77ba995ea274fd169fc9bc66919b23e72a8edb88d6184bf3d7f3ab398c645
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11036
x-amzn-requestid: 4bd4976c-9500-4d6d-a447-dd2873987d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswexHCYIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-61d430202cbbf52823f38c49;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3U29-_iFXSAoG74d9-pJmmWfVbO6f2Y91lLvi7nXxgNYWKNvbFTRyQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:48:54 GMT
age: 62229
etag: "753cb08c3f8c7c0750d113253790a08db01986bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_VDTHUaRhwthD0THsWg42L1OF7lZAX3ENsTfV0U7kkn9o0x-mQ_9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 13:53:53 GMT
age: 43930
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3509a9bb-f5d1-4723-96d3-e2a87a28bbf4.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3509a9bb-f5d1-4723-96d3-e2a87a28bbf4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c45da743665658afcfbf2309e1594b
04d025452dcec571f3eb6068499290d86e0c4c30
3ddfcf83ea18ba20700364c7095750a142a15575c988ba5688ed2f4dbbba4ee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3509a9bb-f5d1-4723-96d3-e2a87a28bbf4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6471
x-amzn-requestid: ab4c8119-a2f0-4b3d-bbed-b34c5a0a7a30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGaGsjoAMFmZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f5-7298e0530bee8f997b552e6e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qxzdVgRauaFA1GnS6m2WJr7zkXVIpFUNZN0r_mdAQvkDu4nzYanjzQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:10:41 GMT
age: 14122
etag: "04d025452dcec571f3eb6068499290d86e0c4c30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0giOb6VA3jgf_3ep6DqSBrFhYz8aBNWTjxpitvm9NWe2oNQlJ5UbEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:09:32 GMT
age: 14191
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 30041
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 02:06:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22a8efcf0930eff1de75c0cba34b2be9
ab8ae4541fd98623f8336963913c8740fb1761ab
0c57980c1814bfa036cb6d151570447e865a4e89a6d24660526addaec286c519
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4575
Cache-Control: max-age=123429
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e38251-1d7"
Expires: Fri, 10 Feb 2023 12:23:12 GMT
Last-Modified: Wed, 08 Feb 2023 11:06:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5392
Cache-Control: max-age=127139
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e38d9e-13a"
Expires: Fri, 10 Feb 2023 13:25:02 GMT
Last-Modified: Wed, 08 Feb 2023 11:55:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253?
142.250.74.70200 OK 321 B URL HTTP/2 11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (592), with no line terminators
Hash be4c764136e61c05d217d915fd461195
6383823c7ad85d819f602afbf313791c7a59127f
e6869a11bf75d082eaedddf6176acd79751b69e1f303542bd637db3b570cf299
GET /activityi;src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253? HTTP/1.1
Host: 11882785.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 321
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 02:21:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
142.250.74.34200 OK 320 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (591), with no line terminators
Hash c74ff360ad5b7b17f53ffb9c0beedd5a
c019cd5b555c78f96518d0701f2c3a370c33255b
90325e804943d488374a95662eca5fac400d6b728b1bb89700b47a646aa3e532
GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11882785.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11882785;type=rmkt;cat=202200;ord=1262206783432;gtm=45He3280;auiddc=596764192.1675908420;~oref=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:03 GMT
expires: Thu, 09 Feb 2023 02:06:03 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: max-age=132354
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e3a55b-139"
Expires: Fri, 10 Feb 2023 14:51:57 GMT
Last-Modified: Wed, 08 Feb 2023 13:36:27 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: max-age=99349
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:41:52 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=mRVIRl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a05IVDZGbEJqdTVHTmFwWTRFRnVrYVQ; expires=Tue, 05 Mar 2024 02:06:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 330442
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ef17a68c77d3f30c049f15916fa92a6f
f5d35ca43f8ed49cc9f118b139c6277374680408
ccc54a44c20983853aa93b74cd87ecb1941429af41643fa66231923531359f0f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151631
Date: Thu, 09 Feb 2023 02:06:03 GMT
Etag: "63e4025a-1d7"
Expires: Fri, 10 Feb 2023 20:13:14 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oG2PvTQCDlVt0_V3Z-_CrHSgaCmMtIbQdfx_nObKw85F4WtVE1dJTw==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8ae4c9c54bb656fd242ddd41f32e6756
d646f81cf788d357099f8ed686ad26a39a678e24
b28464491bd5e5c054cc90c91e30393dcdaaf8d2b4d36459a86a0fafa1d279e9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Last-Modified: Thu, 09 Feb 2023 00:29:14 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TYll8nc7qp1_lQRoV0sN9_XVx1yMVXWjDg4KAoQ1uitWGLS73KviAg==
Age: 5811
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 84cfccd989c385f23bd4401626eea691
b716a1beccd1280ae78118bb4a0d14df5a310d01
c2c6b22d22860589185720e05b1510541bec86446a6daf6a9e75ba7f1a5ffd61
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fq6uqk-dAMYnbK-_vxtTvm6eIoU91zHeDOy4eW0OJz17UgVCOrp7VA==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 52a7b9bd0f6104da2386adc851afb050
8fb8e3ee8109387c7922485101e6ab5121d78d44
452f769d0eeb71d08561be388b7e9b04153fc9af123385dad13578f9966d4649
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LrEAkoXMcwHz0RlQpFdudzUezkrhPUpDcJ7z37d4mQv6Zm1MvFyqbQ==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 84cfccd989c385f23bd4401626eea691
b716a1beccd1280ae78118bb4a0d14df5a310d01
c2c6b22d22860589185720e05b1510541bec86446a6daf6a9e75ba7f1a5ffd61
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 02:06:04 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yANj1qX7-NlKE92ngCxjpwXUzqOAT_cIz17N_jGCEm9Ydd-FtpjtQw==
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash 06f3b2d00a1b1575b8142ddb0ec3d5db
b63a9035da42f3e404f0e0412440a1a950f887ae
bd7f812befc37e89d40e5733a5cb527040c6241ddb3d06b78119bb0f198acc7a
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 02:06:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Sun, 12 Feb 2023 23:31:09 GMT
ETag: "b63a9035da42f3e404f0e0412440a1a950f887ae"
Last-Modified: Wed, 08 Feb 2023 23:31:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79690b2cb9fdb50f-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb93980a309f5c43e3e26c326f67f523
93b7caa5200d94d3bb7f9101c86b842567e605ba
105524a206be40e9cb22fd55d80a8618f5e5edf453a9e3475c3673212f69813f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5185
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:04 GMT
Last-Modified: Thu, 09 Feb 2023 00:39:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
api.jeff-app.com/lead-api/web/collect
3.7.213.239200 OK 0 B URL HTTP/2 api.jeff-app.com/lead-api/web/collect
IP 3.7.213.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lead-api/web/collect HTTP/1.1
Host: api.jeff-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.jeff.vn
access-control-expose-headers: Authorization
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
43.205.2.12200 OK 0 B URL HTTP/2 sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP 43.205.2.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 0
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
X-Firefox-Spdy: h2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
43.205.2.12200 OK 2 B URL HTTP/2 sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP 43.205.2.12:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1057
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Cookie: _gcl_au=1.1.596764192.1675908420; cto_bundle=nVzXWF9zUzF5SnZhajdaJTJGb3paVHVOMVRyN3AyeGF4aHolMkI3MEpVREJENkFMZTl5eVRWZzZON240VWFCMkolMkI1d0tuSE5vY2RrQ243ME4lMkJ3M1dNb0p4aGp2YyUyQlZoTU9XYlBBZXFuZ1UxY2hYdmt5bjVMRVdNd3BFU1JlZlBacTE0UkRmTHI; _sp_ses.4563=*; _sp_id.4563=0df3c25b-7b8b-4d7a-b2e2-160518d69597.1675908421.1.1675908421..99c26dc6-0a63-49e1-a5db-43cd5b021fa8..da6679dc-ffe2-46fc-aec8-55680fc37019.1675908420647.1; utm_source=publisher; utm_medium=cpc; utm_campaign=Leadbit-CPL; utm_content=103253; utid=63E454F47EED7B14FD07B699; publisher_name=Leadbit-CPL; publisher_click_id=63E454F47EED7B14FD07B699; query_params_json=W3sia2V5IjoidXRtX3NvdXJjZSIsInZhbHVlIjoicHVibGlzaGVyIn0seyJrZXkiOiJ1dG1fbWVkaXVtIiwidmFsdWUiOiJjcGMifSx7ImtleSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiTGVhZGJpdC1DUEwifSx7ImtleSI6InV0aWQiLCJ2YWx1ZSI6IjYzRTQ1NEY0N0VFRDdCMTRGRDA3QjY5OSJ9LHsia2V5IjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IjEwMzI1MyJ9XQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=573e1315-901e-45f6-9afa-3fd97b62aa44; Expires=Fri, 09 Feb 2024 02:06:04 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2
page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
49.213.114.167200 OK 1.7 kB URL HTTP/2 page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3695), with no line terminators
Hash 45ac1a3dd4f84d427eaa8284843d35b5
87f7de4a411f924aef7c1259311b3f8924a493f3
d550ce7a182aabaf1f8cf3c085a9570fb9c933ea69f2515344db1795605291ec
GET /?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-length: 1721
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
43.205.2.12200 OK 2 B URL HTTP/2 sp.jeff.vn/com.snowplowanalytics.snowplow/tp2
IP 43.205.2.12:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: sp.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1336
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Cookie: _gcl_au=1.1.596764192.1675908420; cto_bundle=nVzXWF9zUzF5SnZhajdaJTJGb3paVHVOMVRyN3AyeGF4aHolMkI3MEpVREJENkFMZTl5eVRWZzZON240VWFCMkolMkI1d0tuSE5vY2RrQ243ME4lMkJ3M1dNb0p4aGp2YyUyQlZoTU9XYlBBZXFuZ1UxY2hYdmt5bjVMRVdNd3BFU1JlZlBacTE0UkRmTHI; _sp_ses.4563=*; _sp_id.4563=0df3c25b-7b8b-4d7a-b2e2-160518d69597.1675908421.1.1675908421..99c26dc6-0a63-49e1-a5db-43cd5b021fa8..da6679dc-ffe2-46fc-aec8-55680fc37019.1675908420647.2; utm_source=publisher; utm_medium=cpc; utm_campaign=Leadbit-CPL; utm_content=103253; utid=63E454F47EED7B14FD07B699; publisher_name=Leadbit-CPL; publisher_click_id=63E454F47EED7B14FD07B699; query_params_json=W3sia2V5IjoidXRtX3NvdXJjZSIsInZhbHVlIjoicHVibGlzaGVyIn0seyJrZXkiOiJ1dG1fbWVkaXVtIiwidmFsdWUiOiJjcGMifSx7ImtleSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiTGVhZGJpdC1DUEwifSx7ImtleSI6InV0aWQiLCJ2YWx1ZSI6IjYzRTQ1NEY0N0VFRDdCMTRGRDA3QjY5OSJ9LHsia2V5IjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IjEwMzI1MyJ9XQ%3D%3D; sp=573e1315-901e-45f6-9afa-3fd97b62aa44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=573e1315-901e-45f6-9afa-3fd97b62aa44; Expires=Fri, 09 Feb 2024 02:06:04 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2
page.widget.zalo.me/static/js/cphandler.js
49.213.114.167200 OK 2.3 kB URL HTTP/2 page.widget.zalo.me/static/js/cphandler.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with CRLF line terminators
Hash e02df3ae5979d6de788855361ac9bbda
31e91f3c2fc467f95fe9a55206a39d554c41e005
2ba7f537cfd492f21b02ee954827b8db82ceaac1699695f5b1c3719d4dc07207
GET /static/js/cphandler.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 2279
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/js/zinit.js?v5
49.213.114.167200 OK 900 B URL HTTP/2 page.widget.zalo.me/static/js/zinit.js?v5
IP 49.213.114.167:0
ASN #38244 VNG Corporation
Hash 562ebdb09ae3d87ce07b643e4e23b5d5
897f82c06b6f72452ff474bd14c27ba4460fed7c
c2139788118e243dc0c322959e5404b29ba73fbee0605c890fda2dc37d1ef764
GET /static/js/zinit.js?v5 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 900
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1
178.250.0.157200 OK 8.2 kB URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (20644)
Hash 218a3c7497a1b3576dbc2537985eb593
00e29649c0ccf67d34223e0447579f037e678aef
61609b7847dac446c02194fa8e8c19dd0285b0ea77fd936850bd12419b26eb1c
GET /sid/json?origin=onetag&domain=jeff.vn&sn=FirefoxSyncframe&so=0&topUrl=www.jeff.vn&info=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M&idsd=1137633689,1915777388&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1531972
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png
54.230.111.7200 OK 6.8 kB URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png
IP 54.230.111.7:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 91d673117e2a381f4f31bcfea2defd05
802fbc599fae6d5e85e8c26069c9866390aea81c
2406055062edbe53407e63e3949ab4f4d945c5d2be748171163cab174464fc15
GET /6107d6546b656bffc909cd26/6107d6546b656bb88409cd90_ava25.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6840
date: Tue, 24 Jan 2023 01:50:35 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: "91d673117e2a381f4f31bcfea2defd05"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: qsphhL6ln.fw2lXhI0Z..SLYKZVg1SFv
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1383330
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IRndBq9nYSPPkyF-B27YFEp0qD0Cjjy7f4qtn9-j6RZE0yJ43ZovsA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png
54.230.111.7200 OK 546 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png
IP 54.230.111.7:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d3b64a42ca66fa9345e360b54a50059
c427d4a18ac2b9ca6b8a57e6e86c9293d424eb61
0797988ad3ff6e5a9818ec8637d60b6fbc67525cdf7eabbe38e78e7443c03f9a
GET /6107d6546b656bffc909cd26/61b8f8110ac8d91a46e05b3b_fav1.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 546
date: Tue, 31 Jan 2023 05:53:01 GMT
last-modified: Tue, 14 Dec 2021 20:01:23 GMT
etag: "8d3b64a42ca66fa9345e360b54a50059"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 8MwK.0QGsjy.IVILxs2yFuZY6K_Dd3IJ
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 763984
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JS4lZyES8sv82hKuapmDzZ_6ocgNn94SIRhSkmzqEDtaAoKYQQoKXg==
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kJPkuzgGzfjBHmQA4aYL0B6Itnb_OKY4ynis5si71lGMHpMvL3mr-w==
age: 478559
X-Firefox-Spdy: h2
script.hotjar.com/modules.14cb8958c3e3566a4606.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.14cb8958c3e3566a4606.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48770)
Hash 5331176444d8700436c501005f6a0731
d0f73de83bc0720ec98240ab04878a317491d640
07c3a5946b698fa789f6f4f6924761ffbc6808e145cba46c657092f9b36fee8a
GET /modules.14cb8958c3e3566a4606.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68072
date: Wed, 08 Feb 2023 15:48:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5331176444d8700436c501005f6a0731"
last-modified: Wed, 08 Feb 2023 15:47:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jvYn6uxNTpYVS0KCf9FUfF6_-WDgdQJ5vrHbKWgy9P9QB8eX_cOcLA==
age: 37079
X-Firefox-Spdy: h2
za.zdn.vn/v3/za.js
120.138.69.5200 OK 7.9 kB IP 120.138.69.5:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (20288)
Hash f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9
GET /v3/za.js HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
content-length: 7910
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
etag: W/"61dbf878-4f41"
content-encoding: gzip
age: 372
access-control-allow-origin: *
X-Firefox-Spdy: h2
za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093
49.213.114.149200 OK 0 B URL HTTP/2 za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093
IP 49.213.114.149:0
ASN #38244 VNG Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1675908422093 HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-length: 0
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
za.zalo.me/v3/w/t
49.213.114.149200 OK 193 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 8e5df1e602d5b7fd56d35bca3f8b8cc2
00a9a487f3d42adefc118f2d21b5157c15fc7302
c7b9e19e7a9acde205b2ce2463e8bba0d867cd480b951332121022d445891a42
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 316
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json; charset=utf-8
content-length: 193
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
set-cookie: __zi=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1;Path=/;Domain=zalo.me;Expires=Wed, 29-Jan-2025 02:06:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
jeffvn.pushengage.com/dialog.css
54.174.94.80200 OK 5.6 kB URL HTTP/2 jeffvn.pushengage.com/dialog.css
IP 54.174.94.80:0
Hash e51ac43b3b8fa254365daacb101ac303
325fb8e0d92b46c6ac7345811c7fff82d73f7b6f
0ee366f6753f2d2f3623d4342e705a956ed010a5cf7c13cf78e59b1afabba84d
GET /dialog.css HTTP/1.1
Host: jeffvn.pushengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css;charset=UTF-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
za.zalo.me/v3/w/t
49.213.114.149200 OK 177 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash b18a368545ef60890666b9b22b9550a1
0b6f1636c13ed99af0119c45e6f1b0b617368862
59a0dd8dedf9fe4ac50ba7008001c934df5f5ac2348f6f7358793a6fb2519c89
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 585
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json; charset=utf-8
content-length: 177
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
set-cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1;Path=/;Domain=zalo.me;Expires=Wed, 29-Jan-2025 02:06:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Last-Modified: Thu, 09 Feb 2023 00:20:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: h2hMnU6aZXz26JTlDCSv6CtDI4XcDZJ0xinke3ZIhxV6f8JPjSHBJHhVrm4KKFoWIwihjWUQ2rXs8RULTr9kjQ==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/locales/vi/translation.json
49.213.114.167200 OK 1.0 kB URL HTTP/2 page.widget.zalo.me/static/locales/vi/translation.json
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , Unicode text, UTF-8 text
Hash d9b26a1e67f11e3bcc219a2d7b4c9df3
fc758dc7f8d34a1fed11b19073c08f61f396981e
4d4a458ed10c41e81e1abd276d9649ac4ed0a3ec26b140725c554313ab6cce0a
GET /static/locales/vi/translation.json HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Connection: keep-alive
Cookie: __zi=2000.VPtvheCV6jGvZl6qdrj2cJ-FzhoUK47SEu7pzPPMJjeqXFx-C0.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:05 GMT
content-type: application/json
content-length: 1037
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97C8BC2E84594E3FA0E3E70352CDB91C Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Last-Modified: Thu, 09 Feb 2023 00:20:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/signals/plugins/identity.js?v=2.9.95
31.13.72.12200 OK 21 kB URL HTTP/2 connect.facebook.net/signals/plugins/identity.js?v=2.9.95
IP 31.13.72.12:0
File type ASCII text, with very long lines (60008)
Hash 4ab212d67df0d744f74a6f6a257b2653
7844504c6b52741b4467b98856b2da4d2e276630
6b5ed11f9d9bfad094e0177b6339804dbdccfece80ea0636343349543ca69c63
GET /signals/plugins/identity.js?v=2.9.95 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EbWYiC/DkilcF80H2sB9o6nnfwAcuI+yz8Zoe8JvhDJtFdqgpmkUYMaUoX3uVFc8JUMVhrirTwg+4AlTJzU2VA==
priority: u=3,i
content-length: 20722
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=<=3203&evt=pageLoad&sv=1&rn=64035
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=<=3203&evt=pageLoad&sv=1&rn=64035
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=149005296&tm=gtm002&Ver=2&mid=e97cb299-27d6-4902-b63b-fc274ee43d9d&sid=71f65a20a81e11edb646d9203f5a67c2&vid=71f67250a81e11ed963737b412033271&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&p=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&r=<=3203&evt=pageLoad&sv=1&rn=64035 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1ACBE9807D406B2F0628FB337C176AED; domain=.bing.com; expires=Tue, 05-Mar-2024 02:06:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCFB41F21E5349F0918A4E676324416A Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/149005296.js
13.107.21.200200 OK 1.5 kB URL HTTP/2 bat.bing.com/p/action/149005296.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 739c33a2c4a195f346b141d526747a53
ef850382c38799130e2646b84e3a7b7e72efa74b
f2a2e722c1a80cc3a085a319af1a6e95d229c3fad9e7dc8b1a8c1aa9d2889c5e
GET /p/action/149005296.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1498
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D75F7BE57A364DFC8140DA5A880A97E6 Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:06Z
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f48f5af6c6f7f29ec5818d38b1ec633b
1fdafc01b4ace0cb414124d26aef7d30beb0ca4f
994b69b40573d29ee40cd8dd6538f77c1140f2386fbc7ef46e5665162a782085
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:06 GMT
Etag: "63e34f96-1d7"
Server: ECS (amb/6BA9)
Content-Length: 471
www.facebook.com/tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&rl=&if=false&ts=1675908423892&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675908423891.987414896&it=1675908423124&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 02:06:06 GMT
X-Firefox-Spdy: h2
px.dmp.zaloapp.com/static/zdmp_tr_px.js
49.213.114.180200 OK 2.6 kB URL HTTP/2 px.dmp.zaloapp.com/static/zdmp_tr_px.js
IP 49.213.114.180:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (2647), with no line terminators
Hash 3ef744e78aeed6156b780503bd74bb97
5f2ea6ef1c85a8b0e01896f0a72e38e4a7ee9ece
0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6
GET /static/zdmp_tr_px.js HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:06 GMT
content-type: application/javascript
content-length: 2647
last-modified: Tue, 27 Dec 2022 07:33:52 GMT
etag: "63aa9fe0-a57"
accept-ranges: bytes
server: za-ngx-srv
cache-control: no-cache, max-age=0
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 0 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43074
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Thu, 09 Feb 2023 02:06:06 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 01:44:06 GMT
expires: Thu, 09 Feb 2023 03:44:06 GMT
cache-control: public, max-age=7200
age: 1321
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
40.69.95.108302 Found 0 B IP 40.69.95.108:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=265BD2E54FA86A1E1652C0564BA864D9; domain=.clarity.ms; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 09 Feb 2023 02:06:07 GMT
content-length: 0
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/zuser
49.213.114.167200 OK 57 B URL HTTP/2 api.widget.zalo.me/v1/zuser
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e9590827921ed67322cbbfcdb754ff1
392279ecefe6f8f88aa223e79206e65891249883
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
GET /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: text/json;charset=utf-8
content-length: 57
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/oa?oaid=1841675626203250178
49.213.114.167200 OK 564 B URL HTTP/2 api.widget.zalo.me/v1/oa?oaid=1841675626203250178
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (557), with no line terminators
Hash f3dcee426105f92a31c0432edca1af3e
bf263012b0928fe2b5fa86e87c1bd4dd5c87e319
ac0e834de60cb3e4210b85853319150e0206a13cefc8d95cee0400b9961f2319
GET /v1/oa?oaid=1841675626203250178 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: 64d329381ac6a81d374ad4ca4945bb228a2875ea391f14a90e47d511a6b05a7c
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: text/json;charset=utf-8
content-length: 564
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425>m=45je3280&aip=1&z=361173906
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425>m=45je3280&aip=1&z=361173906
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7RLV1ZQ10L&cid=909987102.1675908425>m=45je3280&aip=1&z=361173906 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&RedC=c.clarity.ms&MXFR=265BD2E54FA86A1E1652C0564BA864D9 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=1DEB1CDF811061BB100E0E6C8047607B; domain=.bing.com; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Thu, 16-Feb-2023 02:06:07 GMT; path=/; SameSite=None; Secure;
SRM_B=1DEB1CDF811061BB100E0E6C8047607B; domain=c.bing.com; expires=Tue, 05-Mar-2024 02:06:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C3CDFB8CA884232A4DAFCD45EBE933C Ref B: OSL30EDGE0314 Ref C: 2023-02-09T02:06:07Z
date: Thu, 09 Feb 2023 02:06:06 GMT
content-length: 0
X-Firefox-Spdy: h2
app.jeff.vn/embeddable-scripts/webflow/global.js
54.230.111.57200 OK 48 kB URL HTTP/2 app.jeff.vn/embeddable-scripts/webflow/global.js
IP 54.230.111.57:0
Hash 90bb5058825a181fd0ce1a78cbacae1a
4255b5a09ab7ee4a3a4f96c41fdf0ab8a4eb8fae
5cf6beffc64b6b7446fa3dcfa412db6df2d020776f0ad6c04e71fa4c4834120e
Analyzer Verdict Alert quad9 Sinkholed
GET /embeddable-scripts/webflow/global.js HTTP/1.1
Host: app.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Feb 2023 02:06:03 GMT
set-cookie: AWSALB=rv0+PjcXWqDqLKE4xMF5Qdq0h4+HlHYUA7azRyxLmCaIqiPEYaiFFGsvGLt+1E4JjDwMX4Hxwk9o8r9SBw6qoUGtanozNqUMqRIwVZzvHgIxAKp+8l/6IglnYcbY; Expires=Thu, 16 Feb 2023 02:06:03 GMT; Path=/
AWSALBCORS=rv0+PjcXWqDqLKE4xMF5Qdq0h4+HlHYUA7azRyxLmCaIqiPEYaiFFGsvGLt+1E4JjDwMX4Hxwk9o8r9SBw6qoUGtanozNqUMqRIwVZzvHgIxAKp+8l/6IglnYcbY; Expires=Thu, 16 Feb 2023 02:06:03 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 08 Feb 2023 13:04:29 GMT
etag: W/"19c04-1863120a748"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TA_RXi_NkTlUVhTIkoav9BGzfw-11RcrbNWEY_RVPdSMsC9k5hkWxw==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 00:55:59 GMT
expires: Mon, 05 Feb 2024 00:55:59 GMT
cache-control: public, max-age=31536000
age: 349808
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 273847
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:50:08 GMT
expires: Wed, 07 Feb 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 126959
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912
173.194.222.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912
IP 173.194.222.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&gjid=359863185&_gid=671818255.1675908425&_u=YCDAiEABBAAAAEABI~&z=307317912 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.jeff.vn
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
216.58.207.227200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5604, version 1.0\012- data
Hash 7cda2cfee99d697daf8c14819d9004eb
76f4002863493c93454a9f17424942f321287cba
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:15 GMT
expires: Sat, 03 Feb 2024 10:14:15 GMT
cache-control: public, max-age=31536000
age: 489112
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.227200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:11:32 GMT
expires: Tue, 06 Feb 2024 17:11:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
age: 204875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B
40.69.95.108200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B
IP 40.69.95.108:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?ctsa=mr&CtsSyncId=E6C889240E8E4F0A84E6C35CC587009C&MUID=1DEB1CDF811061BB100E0E6C8047607B HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeff.vn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 30 Jan 2023 17:32:34 GMT
accept-ranges: bytes
etag: "c9e6d3d6d034d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 09-Feb-2023 02:16:07 GMT; path=/; SameSite=None; Secure;
date: Thu, 09 Feb 2023 02:06:07 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-150685598-1&cid=909987102.1675908425&jid=1403583460&_u=YCDAiEABBAAAAEABI~&z=903029358 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
page.widget.zalo.me/static/images/2.0/Logo.svg
49.213.114.167200 OK 1.3 kB URL HTTP/2 page.widget.zalo.me/static/images/2.0/Logo.svg
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (696)
Hash 311478921d5ccfd5f26fdc6776a2c45a
6d42312fd69c96c77d7fc7104c943f4c8292e0c4
6dca0db9475a15c27d0f49161912ca1dd402f9094f71063aa3b34d8dce24b781
GET /static/images/2.0/Logo.svg HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: image/svg+xml
content-length: 1343
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
49.213.114.149200 OK 145 B URL HTTP/2 za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash f5da855cdae9a298839a93c5acaf3f95
bebb47b0afc8803512c5df65ea61b91943d612e9
c59a32662f19e3fdabbc53801ed36cb32f071be806efba49d6f809b3325332d1
GET /gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 145
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
49.213.114.149200 OK 145 B URL HTTP/2 za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq
IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f9ebfaefa1ee873d1f153cefef230bb
57d9c18787e21d224dc4931359abb99529c1bd2e
9d81347b4ae62853106065c0c5dbbcb22707095bcd1314d7cd16421567521664
GET /gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1&anoTok=NdqLyA_arCPATXFngEpMnqjZ1xFquiw55t4DhUQcZOiFD4YuwQwBX0axJRSoENq HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 145
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7RLV1ZQ10L>m=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type=
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7RLV1ZQ10L>m=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type=
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7RLV1ZQ10L>m=45je3280&_p=1570848551&_gaz=1&cid=909987102.1675908425&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&dr=&sid=1675908424&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2Fpromo%2Faffiliate%2F%3Futm_source%3Dpublisher%26utm_medium%3Dcpc%26utm_campaign%3DLeadbit-CPL%26utid%3D63E454F47EED7B14FD07B699%26utm_content%3D103253&dt=Nh%E1%BA%ADn%20ngay%2010%20tri%E1%BB%87u%20%C4%91%E1%BB%93ng%20v%E1%BB%9Bi%20l%C3%A3i%20su%E1%BA%A5t%20t%E1%BB%AB%200%25&uid=&en=page_view&_fv=1&_nsi=1&_ss=2&up.lead_type= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.jeff.vn
date: Thu, 09 Feb 2023 02:06:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2
49.213.114.167200 OK 169 kB URL HTTP/2 page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size 169 kB (168768 bytes)
Hash d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
GET /static/css/fa/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: font/woff2
content-length: 168768
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 0 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2414
Origin: https://www.jeff.vn
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
date: Thu, 09 Feb 2023 02:06:07 GMT
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2
49.213.114.167200 OK 184 kB URL HTTP/2 page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type Web Open Font Format (Version 2), TrueType, length 184144, version 331.-31261\012- data
Size 184 kB (184144 bytes)
Hash de11da0fb48a14c9cbc05b0a24ed6efa
878cd08a06b335d95826e813e0a8777e28a76d04
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
GET /static/css/fa/webfonts/fa-light-300.woff2 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: font/woff2
content-length: 184144
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92614511b9517837c40caf0ce4fbc24b
86a00f4962b506759d0e1cabd6d3e8227d3b9d03
41ed474cf2cc2d53567fdb9d71ec48ae758c87d2e050eb3c31d727adf9566038
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:08 GMT
Etag: "63e311cc-1d7"
Last-Modified: Thu, 09 Feb 2023 02:02:59 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92614511b9517837c40caf0ce4fbc24b
86a00f4962b506759d0e1cabd6d3e8227d3b9d03
41ed474cf2cc2d53567fdb9d71ec48ae758c87d2e050eb3c31d727adf9566038
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:08 GMT
Etag: "63e311cc-1d7"
Server: ECS (amb/6BAE)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4d073744e577ad7a2c1d98e7bbf84579
5175f2911a6146f9ef34e4cf63a2759a909f495f
03131e129f9f80a6658e4a07602bc41c14af2b3bf721feba26e47103f8b954b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2232
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:06:09 GMT
Last-Modified: Thu, 09 Feb 2023 01:28:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
s160-ava-talk.zadn.vn/0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg
103.39.92.104200 OK 3.5 kB URL HTTP/2 s160-ava-talk.zadn.vn/0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg
IP 103.39.92.104:0
ASN #18403 FPT Telecom Company
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, components 3\012- data
Hash 45c97814123e963fba9b7cbe31af7c2d
c7a1c6ced7ba62447cc8743d02982167ede52ae0
e2af94f1179813bed9fd382a0b23a359da83774374c39133d6b434af30d3f36a
GET /0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg HTTP/1.1
Host: s160-ava-talk.zadn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
server: Universe
cache-control: max-age=7776000,no-transform
expires: Wed, 10 May 2023 02:06:09 GMT
date: Thu, 09 Feb 2023 02:06:09 GMT
last-modified: Thu, 09 Feb 2023 02:06:09 GMT
x-cache-status: HIT
age: 7432715
content-length: 3526
content-type: image/jpg
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/6107d6546b656b1c9a09cd47_heart.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 17 Jan 2023 01:14:52 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0b0444d559b753b01769d338e8e6b725"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YtxyRj6nwilAX9Q.ecsWds7UwrywbMpz
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1990271
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PTcKonFnSmQ3JGnEaCuAM7t2wNwI9z4PO1kVVneeaFdoeC-79nqwsw==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/6107d6546b656b38c709cd45_announce.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 20 Jan 2023 02:00:42 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"312f73f9d116b50e2aa65bea96d932a0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: gZE.0bXdriCNJlCWYrhY_XehgFydewEt
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1728321
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gh2l8JbjjGib3dAa_zwNUAIft3JrefM1S7RPj0VMBkn_d1ZttVYmZg==
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
IP 178.250.0.157:0
GET /syncframe?topUrl=www.jeff.vn&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d04fe763-44ec-4eb3-a120-9ac0d1443e86; expires=Tue, 05 Mar 2024 02:06:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 585584
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
widget.chat.zalo.me/login-tab?oaId=1841675626203250178
49.213.78.128200 OK 0 B URL HTTP/2 widget.chat.zalo.me/login-tab?oaId=1841675626203250178
IP 49.213.78.128:0
ASN #38244 VNG Corporation
GET /login-tab?oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: b696aca350238a6e2ec799d562008fbc446b67d4e542a45f3480bcaf200cff27
Zreferrer: www.jeff.vn
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:09 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: zoaw_sek=piMJ.1114316169.0.plyDK1Z7HOsHsYxF6CT5ZHZ7HOqOnqMD6TSGQNkuHOq;Domain=.zalo.me;Expires=Thu, 16-Feb-2023 02:06:09 GMT;HttpOnly; Secure; SameSite=None; Secure; SameSite=None
zoaw_type=0;Domain=.zalo.me;Expires=Thu, 16-Feb-2023 02:06:09 GMT; Secure; SameSite=None
content-encoding: gzip
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
sp.zalo.me/plugins/sdk.js
49.213.114.132200 OK 0 B URL HTTP/2 sp.zalo.me/plugins/sdk.js
IP 49.213.114.132:0
ASN #38244 VNG Corporation
GET /plugins/sdk.js HTTP/1.1
Host: sp.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: text/javascript;charset=utf-8
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 05 Jan 2023 09:13:59 GMT
last-modified: Mon, 20 Dec 2021 18:53:28 GMT
etag: W/"fac34ae20c20c5797b16e98a6037501e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: XtJG1xIfC3_oAEC_jmId_Ai9gImM0CTR
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2998324
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q5nX5CYBu-mFwLs4IkkGAoP6y9AX7qKQXCM0xu7GC3CsNoCTzP_88A==
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.197200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.197:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 130615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/504317807104934?v=2.9.95&r=stable
IP 31.13.72.12:0
GET /signals/config/504317807104934?v=2.9.95&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8TXTU916IEhbRzZgT4Oe4mOrnqzCNlG+W1M8ubFyUIl9RVdpgA7w/+durOJ0+Fu9FUFeer0ISaPjiCGIDuvBYw==
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 02:06:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/oa?oaid=1841675626203250178
49.213.114.167200 OK 0 B URL HTTP/2 api.widget.zalo.me/v1/oa?oaid=1841675626203250178
IP 49.213.114.167:0
ASN #38244 VNG Corporation
OPTIONS /v1/oa?oaid=1841675626203250178 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=98165
178.250.2.140200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=98165
IP 178.250.2.140:0
GET /js/ld/ld.js?a=98165 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:02 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
49.213.114.167200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/css/main.607e1b85.chunk.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
49.213.114.167200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/js/2.7b346dac.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/zuser
49.213.114.167200 OK 0 B URL HTTP/2 api.widget.zalo.me/v1/zuser
IP 49.213.114.167:0
ASN #38244 VNG Corporation
OPTIONS /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
widget.chat.zalo.me/login-tab?oaId=1841675626203250178
49.213.78.128200 OK 0 B URL HTTP/2 widget.chat.zalo.me/login-tab?oaId=1841675626203250178
IP 49.213.78.128:0
ASN #38244 VNG Corporation
OPTIONS /login-tab?oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:08 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
49.213.114.167200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/js/main.bdb050eb.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/61cb0c09b776f0761b8a619e_testimonial_person_sml.jpg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 56280
date: Mon, 09 Jan 2023 01:21:46 GMT
last-modified: Tue, 28 Dec 2021 13:07:22 GMT
etag: "fa2f152f3312a6219fb10009bca34887"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: SJHHdOpxgJ.VgsKdWg86y184WhZx8n5Y
accept-ranges: bytes
server: AmazonS3
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2681057
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1Wk85xfE3dfcy_YWBXZ98jlXOOdvcR9NgmCncdLVEFxO8Xeri6CyFg==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/61b8f0931768433af36b831c_61b3e9130cda5653e4c3650b_stars.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 17 Jan 2023 01:14:52 GMT
last-modified: Tue, 14 Dec 2021 19:29:25 GMT
etag: W/"3ab8863711cd31b29be9ac7c209a322d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Qbfc7DfZevSEAcMikzhL8QhJlEf3FCGK
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1990271
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UElEoBYQkJWO9BmVlLFBHdQI5-Et7nHVdBQp8JlukDsdYC09yNBQTA==
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2616020.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2616020.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-2616020.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Feb 2023 02:06:04 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/be9c075a675aca50533432490876928b
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BvkipxZnkjLHG95iSdMjuhs1ZCAr-17ACcutQYToIFQeB5OECC_NtA==
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/6107d6546b656b495b09cd48_timer.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b9eafbef6.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 13 Jan 2023 02:02:24 GMT
last-modified: Mon, 02 Aug 2021 11:26:14 GMT
etag: W/"0f94244582317ca88b6421fb8f818105"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: .ODokhEdtaoajcVnEF5GpcZpfn32ksNj
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 2333019
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xwShE2kYeTe_60odarmCws_2ZXnHfufpbvFXSSuied_bkzFpwk5Gnw==
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.184200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.184:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112715
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
54.230.111.71200 OK 0 B URL HTTP/2 clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
IP 54.230.111.71:0
GET /core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js HTTP/1.1
Host: clientcdn.pushengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 09 Feb 2023 02:06:03 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6guH7DTGjnbYUDWSxrFp6RBvYrWTxNNgjdTnQGpuCC4Vf_qnPMuCZg==
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/css/all.min.css
49.213.114.167200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/css/fa/css/all.min.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/css/fa/css/all.min.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=852f7ed5-da92-4be8-a099-0c1dde94ecdf&domain=www.jeff.vn&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:04 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
54.230.111.7200 OK 0 B URL HTTP/2 assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
IP 54.230.111.7:0
GET /6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 20 Jan 2023 00:36:03 GMT
last-modified: Thu, 14 Apr 2022 19:46:07 GMT
etag: W/"294148022ac8428de1511db3b5923568"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Ahcx4AKIE_naP6h4S1YItLgxflJXvFO4
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
age: 1733400
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ng_K5fdI-bJz1Sso7uFp60JX8VZdnAVUPeVvAKLKkJPDKFpRdIeuDQ==
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=mRVIRl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a05IVDZGbEJqdTVHTmFwWTRFRnVrYVQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:03 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BajZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBna3c1YUJ4ZXFja0JVcFQ0a3U1a1BnZTlwWTNUWjB4SUdNcUFQemNEc3M; expires=Tue, 05 Mar 2024 02:06:03 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 353209
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/149005296
13.107.237.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/149005296
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/149005296 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeff.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=1c905391c1e54dbda700337cb8224031.20230209.20240209; expires=Fri, 09 Feb 2024 02:06:06 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DlXkYwAAAABhTmYngXrkQ6gr2+qK4dVhQ1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 09 Feb 2023 02:06:05 GMT
X-Firefox-Spdy: h2
px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
49.213.114.180200 OK 0 B URL HTTP/2 px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1
IP 49.213.114.180:0
ASN #38244 VNG Corporation
GET /tr?id=7711843404775064594&event=PageView&sessionId=24c6ec65-9aaa-45e0-9647-069e4fb2ef99&time=1675908424025&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4wHOPJwjCD1JzHcaFtzoqT0qccLylmu.1 HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:07 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0
pragma: no-cache
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178
49.213.78.128200 OK 0 B URL HTTP/2 widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178
IP 49.213.78.128:0
ASN #38244 VNG Corporation
OPTIONS /api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXnyCqo39iFc67Xd7OfM-uSH22yqjsRpZZmyDp2dOkEc8Gmp3Av6mxuT50yGtDp4.1&oaId=1841675626203250178 HTTP/1.1
Host: widget.chat.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:06:09 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-credentials: true
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2