www.jeff.vn Open in urlscan Pro
16.162.101.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jeff.vn/
Effective URL:
https://www.jeff.vn/
Submission: On December 27 via api (December 27th 2022, 12:40:07 pm UTC) from US — Scanned from US

Summary HTTP 173 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 68 IPs in 7 countries across 50 domains to perform 173 HTTP transactions. The main IP is 16.162.101.137, located in Hong Kong and belongs to AMAZON-02, US. The main domain is www.jeff.vn.
TLS certificate: Issued by Amazon on August 21st 2022. Valid for: a year.

This is the only time www.jeff.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.167.29.181 18.167.29.181	16509 (AMAZON-02) (AMAZON-02)
1 2	16.162.101.137 16.162.101.137	16509 (AMAZON-02) (AMAZON-02)
32	2600:9000:21e... 2600:9000:21ea:6c00:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:248... 2600:1f18:2489:8201::c8	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:248... 2600:1f18:2489:8200::c8	14618 (AMAZON-AES) (AMAZON-AES)
1	49.213.114.132 49.213.114.132	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	13.33.81.115 13.33.81.115	16509 (AMAZON-02) (AMAZON-02)
1	13.225.223.26 13.225.223.26	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
23	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	13.233.222.59 13.233.222.59	16509 (AMAZON-02) (AMAZON-02)
25	49.213.114.167 49.213.114.167	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
2	120.138.69.5 120.138.69.5	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1 2	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::f 2620:100:a001::f	19750 (AS-CRITEO) (AS-CRITEO)
1	120.138.69.12 120.138.69.12	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
5	49.213.114.149 49.213.114.149	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
4 5	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	49.213.114.180 49.213.114.180	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:1ec:49::40 2620:1ec:49::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	49.213.103.120 49.213.103.120	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	49.213.78.128 49.213.78.128	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.146.81 143.204.146.81	16509 (AMAZON-02) (AMAZON-02)
1 3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	3.232.61.250 3.232.61.250	14618 (AMAZON-AES) (AMAZON-AES)
1	54.230.163.117 54.230.163.117	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
2 2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	52.44.84.189 52.44.84.189	14618 (AMAZON-AES) (AMAZON-AES)
1 1	15.235.42.104 15.235.42.104	16276 (OVH) (OVH)
1 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.198.56.80 34.198.56.80	14618 (AMAZON-AES) (AMAZON-AES)
1	23.41.168.23 23.41.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.84.41.227 54.84.41.227	14618 (AMAZON-AES) (AMAZON-AES)
1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.64.61.36 23.64.61.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.193.123 18.214.193.123	14618 (AMAZON-AES) (AMAZON-AES)
1	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	184.50.205.247 184.50.205.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.44.141.176 52.44.141.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:9109:3f2f:4dfb:6442	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.7.4 107.21.7.4	14618 (AMAZON-AES) (AMAZON-AES)
1	3.84.48.245 3.84.48.245	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	44.206.137.207 44.206.137.207	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:9000:220... 2600:9000:2209:3800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	107.20.252.73 107.20.252.73	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.214.90 13.225.214.90	16509 (AMAZON-02) (AMAZON-02)
173	68

1 18.167.29.181 (Hong Kong) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-167-29-181.ap-east-1.compute.amazonaws.com

jeff.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.162.101.137 (Hong Kong) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-16-162-101-137.ap-east-1.compute.amazonaws.com

jeff.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.jeff.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2489:8201::c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

static.jeff-app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2489:8200::c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

scripts.jeff-app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.213.114.132 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

sp.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.81.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-115.ewr52.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-26.jfk51.r.cloudfront.net

app.jeff.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:817::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.233.222.59 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-233-222-59.ap-south-1.compute.amazonaws.com

api.jeff-app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 49.213.114.167 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

page.widget.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.widget.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.138.69.5 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

za.zdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.198 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

11882785.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::f (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.138.69.12 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

sp-zp.zdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 49.213.114.149 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

za.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::c (United States) 4 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.213.114.180 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

px.dmp.zaloapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:49::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.213.103.120 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

s160-ava-talk.zadn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 49.213.78.128 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

widget.chat.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-81.ewr52.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.61.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-61-250.compute-1.amazonaws.com

jeffvn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-117.ewr53.r.cloudfront.net

assetscdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.44.84.189 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-84-189.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.104 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.56.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-56-80.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.41.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-41-227.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.64.61.36 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-36.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.247 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-247.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.141.176 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-141-176.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:9109:3f2f:4dfb:6442 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.7.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-7-4.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.84.48.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-48-245.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.137.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-137-207.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:3800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.252.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-252-73.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	zalo.me sp.zalo.me — Cisco Umbrella Rank: 21622 page.widget.zalo.me — Cisco Umbrella Rank: 82146 za.zalo.me — Cisco Umbrella Rank: 21552 api.widget.zalo.me — Cisco Umbrella Rank: 75107 widget.chat.zalo.me — Cisco Umbrella Rank: 76415	726 KB
32	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 18960	421 KB
23	gstatic.com fonts.gstatic.com	323 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3522 gum.criteo.com — Cisco Umbrella Rank: 433 mug.criteo.com — Cisco Umbrella Rank: 2069 sslwidget.criteo.com — Cisco Umbrella Rank: 1823 widget.as.criteo.com — Cisco Umbrella Rank: 34275 dis.criteo.com — Cisco Umbrella Rank: 890	28 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1432 n.clarity.ms — Cisco Umbrella Rank: 11197 c.clarity.ms — Cisco Umbrella Rank: 2224	22 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 511 c.bing.com — Cisco Umbrella Rank: 351	14 KB
5	doubleclick.net 2 redirects 11882785.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 156 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	233 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	216 KB
4	jeff-app.com static.jeff-app.com scripts.jeff-app.com api.jeff-app.com	5 KB
4	jeff.vn 2 redirects jeff.vn www.jeff.vn app.jeff.vn	45 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 784 i6.liadm.com — Cisco Umbrella Rank: 2026	1 KB
3	mediawallahscript.com 2 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2523	3 KB
3	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 17753 jeffvn.pushengage.com assetscdn.pushengage.com — Cisco Umbrella Rank: 23865	33 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 129 analytics.google.com — Cisco Umbrella Rank: 487 www.google.com — Cisco Umbrella Rank: 15	1 KB
3	zdn.vn za.zdn.vn — Cisco Umbrella Rank: 25329 sp-zp.zdn.vn — Cisco Umbrella Rank: 53397	19 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 485 fonts.googleapis.com — Cisco Umbrella Rank: 111	8 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 252	2 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 856	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 368	507 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 461	739 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 754	856 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1578	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 375	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 87	20 KB
2	zaloapp.com px.dmp.zaloapp.com — Cisco Umbrella Rank: 45243	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	164 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 615	654 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2202
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 852	579 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1362	539 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1408	967 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2795	274 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 779	496 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 737	525 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1021	341 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1082	869 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 961	120 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2053	288 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1285	231 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 637	687 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 617	280 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 424	786 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 898	308 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 681	787 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 2629	411 B
1	zadn.vn s160-ava-talk.zadn.vn — Cisco Umbrella Rank: 10566	4 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1273	46 KB
173	50

	Domain	Requested by
32	assets-global.website-files.com	www.jeff.vn assets-global.website-files.com
23	fonts.gstatic.com	fonts.googleapis.com
14	api.widget.zalo.me	page.widget.zalo.me
11	page.widget.zalo.me	sp.zalo.me page.widget.zalo.me www.jeff.vn
5	n.clarity.ms	www.clarity.ms
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	za.zalo.me	za.zdn.vn page.widget.zalo.me
4	widget.chat.zalo.me	page.widget.zalo.me
4	www.facebook.com	www.jeff.vn
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	partner.mediawallahscript.com	2 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.jeff.vn
2	dpm.demdex.net	1 redirects
2	s.ad.smaato.net	1 redirects
2	i.liadm.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	c.bing.com	1 redirects
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	px.dmp.zaloapp.com	page.widget.zalo.me
2	11882785.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	za.zdn.vn	sp.zalo.me page.widget.zalo.me
2	api.jeff-app.com	scripts.jeff-app.com app.jeff.vn
2	www.googletagmanager.com	www.jeff.vn www.googletagmanager.com
2	fonts.googleapis.com	ajax.googleapis.com page.widget.zalo.me
2	jeff.vn	2 redirects
1	aa.agkn.com
1	trends.revcontent.com
1	simage2.pubmatic.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	i6.liadm.com
1	matching.ivitrack.com
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	tg.socdm.com
1	e1.emxdgt.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	ws.rqtrk.eu	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	www.google.com
1	assetscdn.pushengage.com
1	jeffvn.pushengage.com	clientcdn.pushengage.com
1	analytics.google.com	www.googletagmanager.com
1	widget.as.criteo.com
1	sslwidget.criteo.com	1 redirects
1	clientcdn.pushengage.com	www.googletagmanager.com
1	s160-ava-talk.zadn.vn	www.jeff.vn
1	mug.criteo.com	www.jeff.vn
1	adservice.google.com	11882785.fls.doubleclick.net
1	sp-zp.zdn.vn	page.widget.zalo.me
1	dynamic.criteo.com	www.googletagmanager.com
1	app.jeff.vn	www.jeff.vn
1	d3e54v103j8qbb.cloudfront.net	www.jeff.vn
1	sp.zalo.me	www.jeff.vn
1	scripts.jeff-app.com	www.jeff.vn
1	static.jeff-app.com	www.jeff.vn
1	www.googleoptimize.com	www.jeff.vn
1	ajax.googleapis.com	www.jeff.vn
1	www.jeff.vn
173	75

This site contains links to these domains. Also see Links.

Domain
zalo.me
app.jeff.vn
click.jeff.vn
www.scorecredit.vn
www.jeff-app.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.pushengage.com

Subject Issuer	Validity	Valid
*.jeff.vn Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh
*.website-files.com Amazon	`2022-10-12` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
static.jeff-app.com R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
scripts.jeff-app.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
*.zalo.me DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-07-16`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
jeff-app.vn Amazon RSA 2048 M02	`2022-10-12` - `2023-11-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.jeff-app.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.widget.zalo.me RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-09` - `2023-08-10`	a year	crt.sh
*.zdn.vn DigiCert TLS RSA SHA256 2020 CA1	`2022-08-18` - `2023-08-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-05` - `2023-01-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.dmp.zaloapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.zadn.vn DigiCert TLS RSA SHA256 2020 CA1	`2022-03-31` - `2023-03-31`	a year	crt.sh
*.chat.zalo.me DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-01-14`	8 months	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2022-05-24` - `2023-06-25`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
*.postrelease.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
revcontent.com Amazon	`2022-06-16` - `2023-07-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.jeff.vn/
Frame ID: F1D579EE61D69AA1E4B1C9D58ABDADBD
Requests: 93 HTTP requests in this frame

Frame: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
Frame ID: 4C3D1F23226753E2FF8C9D91C6C2270C
Requests: 36 HTTP requests in this frame

Frame: https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F
Frame ID: 8C0641C72349D56873169FBFF911D1D1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F
Frame ID: D95A2D24E6B7550329395B17E3AC38D3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag
Frame ID: 0FAEC75CD89862CAAB8CC6589F805E2E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D4B1429FE08E4A54AD90786014CFDB28
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 40548FA8C87B650D36C0AB54CAFC424D
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30
Frame ID: 33BF0B714D23850683891F7543C6F78C
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeff - Chuyên gia tài chính tốt nhất của bạn

Page URL History Show full URLs

http://jeff.vn/ HTTP 301
https://jeff.vn/ HTTP 301
https://www.jeff.vn/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

173
Requests

91 %
HTTPS

29 %
IPv6

50
Domains

75
Subdomains

68
IPs

7
Countries

2142 kB
Transfer

5777 kB
Size

83
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://zalo.me/1841675626203250178
Title: Theo dõi

Search URL Search Domain Scan URL

URL: https://app.jeff.vn/registration?partner-type=near_prime
Title: Thử ngay bây giờ

Search URL Search Domain Scan URL

URL: https://click.jeff.vn/FZ9a/app

Search URL Search Domain Scan URL

URL: https://www.scorecredit.vn/
Title: Kiểm tra điểm tín dụng

Search URL Search Domain Scan URL

URL: https://www.jeff-app.com/
Title: Tìm ngay

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jeffvaytien

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/jeffapp/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkBxsBYc95nThW0geBiI5yw

Search URL Search Domain Scan URL

URL: https://app.jeff.vn/registration
Title: Tìm ưu đãi tốt nhất cho bạn

Search URL Search Domain Scan URL

URL: https://www.pushengage.com/
Title: Powered by PushEngage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jeff.vn/ HTTP 301
https://jeff.vn/ HTTP 301
https://www.jeff.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F HTTP 302
https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F

Request Chain 82

https://gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=ChromeSyncframe&so=0&topUrl=www.jeff.vn&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=CcBW-HwvZ29vS0VXOUE5VjdmQjc3Q0MvVFlyNWwycTNZTWgrUHZEN0pvNXdmeEtUdmtZT2lvbnhIa21RN3hjWHRFRFJTemRuNWw2eTgraVZzLzh2a1VkR1dJZ1V6S0ZLL3ViNmVIRHY3Ym5nanVmUFRGcTc4QVF1d2VEamhWc1NtTlJpMXpnN25PTllBVyt2dFRUNjlBblYzRWNnRmt2MjA3SXQrUEpVNGhIZnJOQ1dZcVlSVzhOVW9GdkFtOC9IdVlUYmJESm9PR0hMSU1ZN1IwNXhOblhVdElsYTRpWGNsSjI1MnpHQmR2eWRwOEIrejJEWDJjSU8wK3Mwbnk2N1VWSzJNbjZyWW9ZbWljSnNqOVF4TUN0Vkw0Zz09fA&cppv=2

Request Chain 123

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&RedC=c.clarity.ms&MXFR=14810E6891E860291E9C1CEF95E86EF6 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&MUID=023BE837598E647E0953FAB058EC65EB

Request Chain 126

https://sslwidget.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODNhaTdDUWFjZzV1cEZUM0clMkJnVlJ2bUtqOVklMkZETWlvYVlVRVNmajR4OVJWNlRGYTBwbWtRdDYxYlJMdHI3eEUwQzIlMkZwM2UyVWxsenJRJTJCNlp6VHhpWU5BSEhpYzE3WCUyQlRwYjFnJTNEJTNE&tld=jeff.vn&dy=1&fu=https%253A%252F%252Fwww.jeff.vn%252F&dtycbr=34842 HTTP 302
https://widget.as.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODNhaTdDUWFjZzV1cEZUM0clMkJnVlJ2bUtqOVklMkZETWlvYVlVRVNmajR4OVJWNlRGYTBwbWtRdDYxYlJMdHI3eEUwQzIlMkZwM2UyVWxsenJRJTJCNlp6VHhpWU5BSEhpYzE3WCUyQlRwYjFnJTNEJTNE&tld=jeff.vn&dy=1&fu=https%253A%252F%252Fwww.jeff.vn%252F&dtycbr=34842

Request Chain 135

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_cm&google_hm=ay12d2h6OXk0WVFXUTZ5bHBldThkeGM2MUZReTg0aThIMm9acGVCUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_gid=CAESENZFqIs3joglBPaFsrJYycE&google_cver=1&google_ula=913071,0

Request Chain 137

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5237292989423770793

Request Chain 138

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&custom=&tag_format=img&tag_action=sync&custom=&cb=e9982e07-e945-4152-ad7a-95de50f40467 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=e9982e07-e945-4152-ad7a-95de50f40467&final=true&reqid=8ce2d620-85e3-11ed-a963-85ccdddcc6a3&timestamp=2022-12-27T12%3A39%3A48.610Z HTTP 302
https://ws.rqtrk.eu/pushpull?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=8d188c20-85e3-11ed-bf67-ffac9eefc1f6&cb=1672144788960&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1672144788960 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3eaede15-82d3-444a-9156-d69414c32fc2&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1672144788960

Request Chain 139

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg&C=1

Request Chain 140

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ

Request Chain 148

https://eb2.3lift.com/xuid?mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 149

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ&verify=true

Request Chain 153

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=

Request Chain 156

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A&_li_chk=true&previous_uuid=faccf1bbc5fe45a792c6452b98e90deb HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A

Request Chain 162

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ&cookieCheck=1

Request Chain 163

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb

Request Chain 165

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=jcQQYT-TJaF91Lamh3NjqUoxqARbg8rr

173 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jeff.vn/
Redirect Chain

http://jeff.vn/
https://jeff.vn/
https://www.jeff.vn/

64 KB
14 KB

1078ms
691ms

Document
text/html

16.162.101.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.162.101.137 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-101-137.ap-east-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 8b5153268a53b20f216b5ba8f259dded47660ad9abfb42c05a90a9b2c0b863f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3281
content-encoding: gzip
content-length: 14278
content-type: text/html
date: Tue, 27 Dec 2022 12:39:31 GMT
server: nginx/1.22.0
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cluster-name: ap-northeast-1-prod-edge-blue
x-lambda-id: 797d8f0f-c47d-4e13-8b6e-9620c041a414
x-served-by: cache-iad-kjyo7100169-IAD, cache-tyo11927-TYO
x-timer: S1672144771.071708,VS0,VE1

Redirect headers

content-length: 169
content-type: text/html
date: Tue, 27 Dec 2022 12:39:30 GMT
location: https://www.jeff.vn/
server: nginx/1.22.0

GET
H2 200 jeff-vn.b8c914f12.min.css
assets-global.website-files.com/6107d6546b656bffc909cd26/css/ 550 KB
75 KB 290ms
57ms Stylesheet
text/css 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a30afea6d007fc13b0369176489ddd3d2637a88e285a2ae45bc34b0d51f7c553

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qEiH9Bia0473UnhIvPYfNBeHudJlahaY
content-encoding: gzip
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
date: Mon, 26 Dec 2022 20:08:08 GMT
age: 59485
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 76539
last-modified: Tue, 20 Dec 2022 21:52:17 GMT
server: AmazonS3
etag: "a7dbdfaeacf37ea0f810b00687612f60"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: t5XPvJDX-fL4YfrDVjHQhx4KTzgYHuJaubsKBBhB_e4U2Eegrt0bAQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 356ms
40ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 12:37:17 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 121 KB
46 KB 299ms
65ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MH82HZJ

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99002a9ebb53b96a1e59a7b201fede5efd5b950095895aadbe7601959a8a4b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46673
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Dec 2022 12:39:32 GMT

GET
H2 200 CalcContainer.js Show response
static.jeff-app.com/scripts/ 5 KB
1 KB 438ms
36ms Script
application/javascript 2600:1f18:2489:8201::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://static.jeff-app.com/scripts/CalcContainer.js

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

6db1b103f2e3d724f158626e5b026add3531cb24eebcd413c1c89a8708175abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nf-request-id: 01GN9SGQPBNTMP6FGTVC43EGCS
date: Sat, 24 Dec 2022 08:47:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 273126
etag: "82e75acb51f12449f646f6a530c76cd5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 1198

GET
H2 200 628dd92211845d1f41a11f5c_consumer_loans.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
1 KB 91ms
90ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd92211845d1f41a11f5c_consumer_loans.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54421f5a5ea4179d8132006fbc6c2154a1afc0e4e21f5a4a25d0e2a3e418837a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:36:26 GMT
x-amz-version-id: fgFL7EboVp.0AvaJ_k30LDX1svhmDsU9
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 18187
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:12 GMT
server: AmazonS3
etag: W/"59f41849810691e27d4a0a731e97a914"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: stX2z8Wi9NS7VTA93XDJL1DBzlGvFt-_47Sj_MSxl-teapKrOTcD4w==

GET
H2 200 628dd9235ed89e81f31b809e_motorbike_loans.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
1 KB 165ms
162ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd9235ed89e81f31b809e_motorbike_loans.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c11ea803f2e810739c8409e0ac9d9b46d41948c5062cea99ee4be753f955714

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:30:46 GMT
x-amz-version-id: p4kAsMsxUlgYN7Vca24IUGpqRCF6FRxt
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 1004927
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:13 GMT
server: AmazonS3
etag: W/"e9f0d0fce72f09d3ba3f6a6c3fa58eb0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 71kY4zNrqhmqKxdyNARiubzd_qBTrI9QyRLJJo10Ep9JG1LFZGBRFw==

GET
H2 200 628dd923895bb3f90ef18294_insurance.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
1 KB 175ms
172ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd923895bb3f90ef18294_insurance.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e022ff3e2e5b6db123facbdc48e74beb5189fcd8b0e6fceab2937d49eab46a85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 01:00:35 GMT
x-amz-version-id: yJmssEJVBrqqP455S4jQA4bRb.pQd6Fy
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 2201938
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:13 GMT
server: AmazonS3
etag: W/"d033baa1fc87c5377e29d1578068fb24"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: zGIGQQhW5thgk7u3rWgw2cPsmrlnZdXXaK1AbEdbVJ7rOdAzitwtOg==

GET
H2 200 628dd9225bd95b03d90aca38_blog.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
1 KB 161ms
159ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd9225bd95b03d90aca38_blog.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd154527e92eb30f54f102a994f19457f6db7b7c5371adc0a9b3549fa37a5567

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:50:56 GMT
x-amz-version-id: MPM.9n.NGZVFz_3PwH47LzT3pLwUjAq3
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 13717
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:12 GMT
server: AmazonS3
etag: W/"0ae9d1cd3424a4d2bd0c7721e7dd5135"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 72wGdEIm2ZP_vXNOap13o-01QCmskUiAo-yRbGTZUWy7TT3R4rwluQ==

GET
H2 200 628dd923a704354ed8d349ae_accounts.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 1 KB
1 KB 83ms
81ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd923a704354ed8d349ae_accounts.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61cbe91dc918aaa6b6d929c4a31f5de2cd5fdc34056fa41b5321faa53d2c5950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 01:01:10 GMT
x-amz-version-id: vNWq5SvPT3YqgyDb69aVTq29262Iolz5
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 128302
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:13 GMT
server: AmazonS3
etag: W/"7c3a4616d7dd4fc4c45b0d0b95429955"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: oPM0CSN5bLtZVHpZLdttRxWHpCPFIM0hRd_uvB1jEPEnLY8fKOVzqw==

GET
H2 200 628f5fb2a287d7748028dfc3_mortage.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
1 KB 85ms
83ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f5fb2a287d7748028dfc3_mortage.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae7d1b91f59eca06cc98a92fe54f92d546d9d250c38403b608c8b6adbed95c0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 06:56:13 GMT
x-amz-version-id: teuPiY2VQUoq6V7O_JrlmGvCfxHh2Auv
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 20600
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 26 May 2022 11:08:36 GMT
server: AmazonS3
etag: W/"71e5d3fcadf1f486ecb5f5c0e7bc3142"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Rt9ktCE5KB-hqPR44tzUaHj6a1pLahlBUCfOQlLN7S44YHD-9yp74A==

GET
H2 200 628f5fb2023475e708297d1f_savings.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
1 KB 86ms
85ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f5fb2023475e708297d1f_savings.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1051b762fc1360deee59fc01eba5dc0d6255b4cca749682e64adc3a31ab6669

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 06:56:13 GMT
x-amz-version-id: dwtjWItgVvRmtIrSrjPwDS543W8G2w.V
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 20600
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 26 May 2022 11:08:36 GMT
server: AmazonS3
etag: W/"c7a269156bc1b6e20e73d86fca91e41a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: iWbVM6MFZxwiBCUFoQXM6sy2Xwe88dI73ltWvwpAqJv0DJELNk3G5g==

GET
H2 200 628dd92360cc1b2d47512e10_secured_loans.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
1 KB 166ms
161ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628dd92360cc1b2d47512e10_secured_loans.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be57d364140ceea8e174edf06a4fa8bc39d72185d5eb762ecdb08215894c9ac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 01:01:17 GMT
x-amz-version-id: shSHkt0GKsvIl4IzXBaDz5ePrvB9j8wz
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 128296
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 25 May 2022 07:22:13 GMT
server: AmazonS3
etag: W/"653c81ba5e00206aff7b6730d5cb6284"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 1TYgHBBmPPH_6hvuWkHQhheSeGNW5Ye9jDg52IkdOU4fQratgd_-Fg==

GET
H2 200 61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
1 KB 242ms
240ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/61c0d1264935ee173ea20df9_Jeff-logo-blue.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d775ef7a2096a1c305415446bbe051c47bcc1f76bf2b676acfdeae41483d5d53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:45:13 GMT
x-amz-version-id: XtJG1xIfC3_oAEC_jmId_Ai9gImM0CTR
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 3239660
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 20 Dec 2021 18:53:28 GMT
server: AmazonS3
etag: W/"fac34ae20c20c5797b16e98a6037501e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Gobp7ksuq8F426Fx12ELcUrn-qQDwbIokdhDLE0jNJGuJKLU6MRtug==

GET
H2 200 624dd0dbb706f89afc7b6ea0_fb.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 805 B
1 KB 233ms
231ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0dbb706f89afc7b6ea0_fb.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd6fe0fed6def1b676286a203da5c58d178152d29b73debcf8c8f4ed6e269079

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:17:41 GMT
x-amz-version-id: taIhEQVhftJJ0orwE875uuRGTM0QSMm1
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 1196512
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 805
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
server: AmazonS3
etag: "687cc2617c243d910f0743a3d8452c15"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Ewn0JkzC5wTnkepturnO1NLsnogOyggHEx1N6bJj3iErKfvL8Z7Hdw==

GET
H2 200 624dd0db681f4101c2e9eac8_in.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 1 KB
1 KB 182ms
180ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db681f4101c2e9eac8_in.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d717cba240296a1b3b65d0cb186a1c38614ed3f9aafd9de18e7c3c6f0724450a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 04:21:38 GMT
x-amz-version-id: VP6TR.Hx58N3J68upyMni2nf3wXbty2o
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 2881075
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
server: AmazonS3
etag: W/"5edd93d3ac96637a6387b794ef6bd0ec"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: zfo-V8BerpoPJAKlrROsKnh34p89XblRO2Wk6Q2v_paBpdiRA5zVfQ==

GET
H2 200 624dd0db68b1d40bf15c8fa5_you.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 825 B
1 KB 248ms
247ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/624dd0db68b1d40bf15c8fa5_you.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3dadf84bd14d47f74d4c3f09b51bc14881840c6264235050f333684d092dc43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:17:43 GMT
x-amz-version-id: 2JF0_xUDqsL7IMoubtz07Y47rHK4VWFh
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 1200110
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 825
last-modified: Wed, 06 Apr 2022 17:41:48 GMT
server: AmazonS3
etag: "210beff4c931452baacbe861bcdcb0ad"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: EmTjrgFrn4GOxBrtM_7ySizqTGi_WOJJVw5OrYRXjKHfBScRJBfs5Q==

GET
H2 200 global.js Show response
scripts.jeff-app.com/webflow/ 9 KB
3 KB 456ms
78ms Script
application/javascript 2600:1f18:2489:8200::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.jeff-app.com/webflow/global.js

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8200::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

d92292ec526d7ef1177fd905e90c1373e1a24fbde8417a3941ce924fb71c0270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nf-request-id: 01GN9SGQK65DEA6ZRD848PGZVR
date: Mon, 26 Dec 2022 16:05:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 74021
etag: "b045aa754bbb60be986fef485908ddd9-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 3186

GET
H2 200 sdk.js Show response
sp.zalo.me/plugins/ 105 KB
30 KB 1314ms
538ms Script
text/javascript 49.213.114.132
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.zalo.me/plugins/sdk.js

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

c027ebd1c4192b5327c3194990a711b4081ea32a118e16f0d16a82f731ab3368

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
server: za-ngx-srv
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 374ms
47ms Script
application/javascript 13.33.81.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6107d6546b656bffc909cd26
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-115.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.jeff.vn/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:10:36 GMT
content-encoding: gzip
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
age: 12540
x-amz-cf-pop: EWR52-C1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 3L-1XKZATVSOT54fVpViEW1XGe8clKjt_4TL2iOG1voGboI5IFz0DA==

GET
H2 200 jeff-vn.eb8060fe1.js Show response
assets-global.website-files.com/6107d6546b656bffc909cd26/js/ 912 KB
93 KB 99ms
98ms Script
text/javascript 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/js/jeff-vn.eb8060fe1.js
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7018fb7eeae500da4487b843306c42dde6612ab97c8d48c774179b5345d9fbd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: EBWaDplTd.dLBGVxL1QwprOir0E_FFJ5
content-encoding: gzip
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
date: Tue, 27 Dec 2022 09:57:49 GMT
age: 9704
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 94447
last-modified: Mon, 26 Dec 2022 09:34:23 GMT
server: AmazonS3
etag: "085c317f68dc7cc94881a1685085ccbd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: MQODw0ZgrZSXhMg02XXuumZonvjJTcJvWTpfQHLvX2xytB4DgK51Mw==

GET
H2 200 global.js Show response
app.jeff.vn/embeddable-scripts/webflow/ 98 KB
31 KB 1169ms
783ms Script
application/javascript 13.225.223.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.jeff.vn/embeddable-scripts/webflow/global.js

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-26.jfk51.r.cloudfront.net

Software

Resource Hash

d56f55fe30935f8887bb13b137e0b05e73f1e2fc2213c61dcceb0d22c0dd3b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:33 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: JFK51-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Dec 2022 09:01:16 GMT
etag: W/"188e7-18552d08760"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 5vIP4dX4_TjL73QVl9F5vgwGKEYoTcnEzTRUiiTN4NNM7-0pamX3Jw==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 365ms
14ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

062e92de33a45fd783639d799f66c932c1ee42521c45c53f54a2d06e03ba4771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 12:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 12:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 12:39:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 271 KB
84 KB 435ms
61ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaa6cf564cfd93ff3d510800575c9f5412f057d5ad9e7b8dd8ee5eb1710fd508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85651
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Dec 2022 12:39:32 GMT

GET
H2 200 62a2119cbd33a10e1459ce26_2x2.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 25 KB
26 KB 255ms
75ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/62a2119cbd33a10e1459ce26_2x2.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ef7a0d6d5fe3d76fe5a22cb3c5e526ed99cec30d4b6fe967d2bc40d3f932ae8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 22:19:03 GMT
x-amz-version-id: m7y6nwKGOWBiAMyGlfTEIf3mSz6Mscnr
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 51630
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25770
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "a9dd6f23bd55b77a72f17613687fdd84"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: JNUe9pHQ22sR0YdrrAW2PTbEpwQOf113G8jRN4guMbRd_spMmkF-Xg==

GET
H2 200 62a2119b77eac7156d5f362d_Group%20709.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 17 KB
17 KB 231ms
50ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/62a2119b77eac7156d5f362d_Group%20709.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50c93aa50a0a2dc46b980951a19bf0ffeaea45aa639893f682b6a23e3504ab42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:37:05 GMT
x-amz-version-id: _L8PnsIAUzLr_hOIsmPxriaJErMRkiP2
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 18148
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16906
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "b818bb3526d68a944a0aa39ad705a860"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: FxfH4b24GE87Hut2BzLHQWA3jCNKPIG4ozizL5GygamzWAgUskPEUw==

GET
H2 200 6298b44ceb8d12866c350cde_appps.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 29 KB
29 KB 277ms
97ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6298b44ceb8d12866c350cde_appps.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d28193b11378d35a8e3119f7b70401153d2939a50ef3b8ff1402fcdd80c0ff70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets-global.website-files.com/6107d6546b656bffc909cd26/css/jeff-vn.b8c914f12.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:37:05 GMT
x-amz-version-id: _xWmHn6_4Lpel1GnEFl1i14_bJuDuguq
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 18148
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29286
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "0b7fda5237aea4061cb450bf07573ecf"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 5lv8c1m50qXs6EBKQg8OIUkT--EcHVyh1BPE_2261VOrHUmAEXLvLQ==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 6257d0581c61c51d8930513f_hand-1.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
2 KB 286ms
71ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257d0581c61c51d8930513f_hand-1.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7541bdec83ec7e24ebc9e396e5406c3e8ee9a7b6d4abd25b2d565211d4791df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:37:53 GMT
x-amz-version-id: d5GzRnhpTIqxilGj6KaQ9TJU3gXBIs0X
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 18101
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1590
last-modified: Tue, 02 Aug 2022 21:25:01 GMT
server: AmazonS3
etag: "20505b801b87927ebff541f7fff155aa"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Co8YlwuT_RovBF7FvKZ3PU3OCHaVSJqWeecl6QJuDf1v5yCenH54Fw==

GET
H2 200 6257d058e4dd73ddf2d9816c_hand-2.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
2 KB 269ms
55ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257d058e4dd73ddf2d9816c_hand-2.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365249e41bfabdf507ed0245435432051a32507efa3aa255872f43c6e9c6ece5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 06:56:13 GMT
x-amz-version-id: HGgUluDhexsLiHwA94_zPqE4zmul3_Gn
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 20601
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1852
last-modified: Tue, 02 Aug 2022 21:25:01 GMT
server: AmazonS3
etag: "3daf6244854e8b9bbbd963aa0b26e594"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: YKl0emzC-1M-jQoO0RYUTgNGLw85TeDNakXLf1UKvhEjdaRKyu6ieQ==

GET
H2 200 6257d059ee20ad9a2dcfce35_hand-3.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 2 KB
3 KB 286ms
72ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257d059ee20ad9a2dcfce35_hand-3.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1a118938fac2fa74f44d29a675438e04d293c41d7ddfc35e17bbbc00cc7fa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 04:09:02 GMT
x-amz-version-id: LiH62m.Kd6Rz4Q_rOcR5s603zBQ1c7Ld
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 30632
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2192
last-modified: Tue, 02 Aug 2022 21:25:01 GMT
server: AmazonS3
etag: "95ef239250162c278bae22a0e4d12d86"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: p2zoT93C_WjpIBZKYgjXCjdSQAdggLElc2Dyo6VnpA3Jn1IgFZJ82Q==

GET
H2 200 628f31e97d231cf3b63163ec_pr5.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 25 KB
25 KB 277ms
74ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f31e97d231cf3b63163ec_pr5.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf2e38998da76eae542f6c8ef8583958e14a70643a25a8d8d829ac02d87fd520

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:37:51 GMT
x-amz-version-id: uqa6Y63l4L_JMdA.5UAL9GSGjPk6tzhG
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 14503
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25590
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "333af75849dd165731f59cdd2777f569"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: d5H3t_70x5OI0b4JKLZstNy9-nw3ZDmjqcu4KYc_AOXFZe_iIrs3YA==

GET
H2 200 6257f4f749a30a237ccaa528_arrow_jf.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 195 B
654 B 270ms
67ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257f4f749a30a237ccaa528_arrow_jf.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22f84898dfaf6b30e6fe24bcc4eff0a3d32ac4f6f6dc14860344a0d729020d0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 18:00:32 GMT
x-amz-version-id: l649ACJNH_gjE7.WkFw0FmhBX8VYNHxL
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 67142
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 195
last-modified: Thu, 14 Apr 2022 10:18:33 GMT
server: AmazonS3
etag: "c437085b9b92b0f9b24b940b0809dee1"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 3CV1Zk-_HsWFXZcJfk7CBJzFs3m8Kj63a4ckK4i0DjdouZYTI79_jA==

GET
H2 200 628f31ea6d8bacba2c77da60_pr3.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 27 KB
27 KB 267ms
64ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f31ea6d8bacba2c77da60_pr3.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c43e2246e974a113da0208bf29f5107ffbc6c72d53f6a47d372e844b1f39f436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:37:51 GMT
x-amz-version-id: FivkGDonXtBEn5fOJWZArGb33gTMznII
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 14503
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27622
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "33be94954af77cbf8b2c10e0cda1bbac"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: KHV4r2Gb_0L8JsopS3jIKwa73VZSbrvvFfAUwfbv8vJmnImbtA3e5w==

GET
H2 200 628f31e9f853c085da170f6d_pr2.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 19 KB
20 KB 272ms
70ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f31e9f853c085da170f6d_pr2.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5154fbb7ffb86b837e4e5cd076abdb1d595bdec474336fb65ff9efb139041c36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:50:56 GMT
x-amz-version-id: eMwwOGjZiFvyXzS4rF1B55gHxXamIK02
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 13718
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19720
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "60862607b38ae33d0ff1ef35b6fecb47"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: HGqeOwnMn9egQmghiVVZa5zKo9y5WJxuBTrlpN443aCbjjVJMTutfw==

GET
H2 200 628f31e9a1393bd2017196d8_pr4.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 21 KB
21 KB 280ms
77ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f31e9a1393bd2017196d8_pr4.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9cfbcea0b8ea97590df063b9624d8546db3782c24dbc4642920cb6e77bbd03f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:46:25 GMT
x-amz-version-id: nUHPiYGthF_D0HCNYxmIR08qVZ3Chhav
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 13989
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21422
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "4ded2075f0029fee86e671939d881571"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: npMzU09OrEQZtqFNYIu4XbJTa9IXiXnOCz_KbGYqiYDpCtgoRqJtsQ==

GET
H2 200 628f31e93aa8dd9e3abff0be_pr1.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 24 KB
25 KB 306ms
104ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/628f31e93aa8dd9e3abff0be_pr1.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40bd7ea6109c0e52f261160b21474ad77b20faf871feaad2cc539c7f140aabe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:37:51 GMT
x-amz-version-id: wU7OsHQQ8LngMKW2gbOftkjxbqWuo2AC
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 14503
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24644
last-modified: Tue, 02 Aug 2022 21:10:00 GMT
server: AmazonS3
etag: "5bf34e688fec33d2d7e9bb9916efe25a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: qLFwdj1APDYV5mU5uaT91v2SJOv1LH7OGbotb1EPpNVurbTReZTPMA==

GET
H2 200 625879fcf6c684929927dfca_Group%20746.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 16 KB
7 KB 277ms
80ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/625879fcf6c684929927dfca_Group%20746.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d8fa817c71210c8d7c59e7f4ad3a7356eadfe48c8f1b95b68422224dd48cf4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 01:02:41 GMT
x-amz-version-id: Ahcx4AKIE_naP6h4S1YItLgxflJXvFO4
content-encoding: br
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 3238613
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 14 Apr 2022 19:46:07 GMT
server: AmazonS3
etag: W/"294148022ac8428de1511db3b5923568"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: i3j_26QItnhdCJKYOfYy0bVxh0G1Ik65NgusdkFvD0Fpr8-LAdoCfw==

GET
H2 200 627b7daca8c598bad5b61850_logo%20(7)%202.png
assets-global.website-files.com/6107d6546b656bffc909cd26/ 3 KB
4 KB 334ms
137ms Image
image/png 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/627b7daca8c598bad5b61850_logo%20(7)%202.png
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65f1c35c6574b4d557120bce140f7c44ca8a2a1002a3a1ae1e23b070cc90ffeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:17:43 GMT
x-amz-version-id: 7_zgAiH86xbz_7ozG1LQ9k3rze14CKEo
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 1196511
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3352
last-modified: Wed, 11 May 2022 09:11:10 GMT
server: AmazonS3
etag: "4b39d5741f0e43fb11e055ab85c6536f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: m7DcQMRKT8xE8ni-IO1SOTz47u1gjcPUx0yAs3yhybJXU31ovt3pzw==

GET
H2 200 627427d2da736f4058978eb9_Group.png
assets-global.website-files.com/6107d6546b656bffc909cd26/ 4 KB
4 KB 351ms
156ms Image
image/png 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/627427d2da736f4058978eb9_Group.png
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfb3e26e0bee20b23edfee49e5612266383098273c3d7771a1dacd9b2bf544d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 22:19:28 GMT
x-amz-version-id: ADdfUhhjzdLDlFsi6hU7lEUEw.BBUsSo
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
age: 51606
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3806
last-modified: Thu, 05 May 2022 19:39:01 GMT
server: AmazonS3
etag: "4087d7a43fd6b27cd4233ed8e0987c8a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: av_1_asTrPr4mkZLIpOkRpzP0bbnJHmW6Lw5kXq7puyPW4Trw-kAPw==

GET
H2 200 627904e9db28b95574610155_we28.webp
assets-global.website-files.com/6107d6546b656bffc909cd26/ 23 KB
24 KB 355ms
170ms Image
image/webp 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/627904e9db28b95574610155_we28.webp
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b77cc417edf05d9a80ab1c874d97476dc821f92ae3ae311ea5a56477cc9a590

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:34 GMT
x-amz-version-id: S9M0pcNlzwPRW6QRU_CtY_UL7RGeaWqX
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 21:45:08 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "8e167784b2ad4baa85cca1a7216c27f6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-length: 23954
x-amz-cf-id: yxomRVs5--1iMWY0HAckO1wKw_jsFjb57L4FnmmE8hoA0IhwZll7Og==

GET
H2 200 6257d6ea6586ce09746c52d4_number1.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 311 B
760 B 354ms
173ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257d6ea6586ce09746c52d4_number1.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 156331c2fdfe86f5e79d38f439c1480d02df2ef6d48ab83fdf0e845b1a1e5a44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:34 GMT
x-amz-version-id: Ymjvaz_a6HiBNNEXnbbjV6FgFnzkqbf2
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 08:10:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "e82adcba3c2dfa2c334a736ab59714f4"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 311
x-amz-cf-id: i2SYGUnLARHYmWOD5GzMcrAjgx265Y9pdUyf7cqXI02btVYzrOMr-g==

GET
H2 200 6257d6eafebaf33342b5e79a_number2.svg
assets-global.website-files.com/6107d6546b656bffc909cd26/ 993 B
1 KB 368ms
187ms Image
image/svg+xml 2600:9000:21ea:6c00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/6107d6546b656bffc909cd26/6257d6eafebaf33342b5e79a_number2.svg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:6c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a778bd7076fba09072b9f8dfe49e2d5e8e4e04042841c36b3a4163d25f51e59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:34 GMT
x-amz-version-id: iNBjdwgOZYw5gpMpKUAGNxZWLJVhvRpo
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 08:10:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "0c7fe5658deaaff73966ea1aeccbdd16"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 993
x-amz-cf-id: zcg9YbDbKGvQAdElKwXW3RCJ3TCXSlC4C8nbLv2r8nR8i__XjCTVbA==

GET
H2 200 QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
20 KB 330ms
43ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:23:49 GMT
x-content-type-options: nosniff
age: 569744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20136
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:13:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:23:49 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
21 KB 233ms
116ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW81Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d5079784cb170ff863dd8ce87ab5b1562f78604fc6a58e364d79073339e09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:11:20 GMT
x-content-type-options: nosniff
age: 12493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 09:11:20 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 12 KB
12 KB 241ms
125ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW87Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c74d26fa05df23036cb8406bc0f4f719d0004fd0fd671304286dee3c68f781e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 06:02:00 GMT
x-content-type-options: nosniff
age: 283053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12352
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 06:02:00 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
20 KB 144ms
82ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm81Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fdd06615194a9a10ddc8b928c428e2dbb2b20ed70dfcafe40de89cddaf61f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:31:29 GMT
x-content-type-options: nosniff
age: 14884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20816
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 08:31:29 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 12 KB
12 KB 219ms
162ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm87Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f7f28cd79e331da4b267c4d9a440a07490d687037645987ea93a68edd9e11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:48:02 GMT
x-content-type-options: nosniff
age: 517891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12332
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 12:48:02 GMT

GET
H2 200 QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 12 KB
12 KB 151ms
94ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw5BXoKZA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5089932a425db8912573a4808c785d2881ce9089791752eccd8d5d839c212acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:14:24 GMT
x-content-type-options: nosniff
age: 570309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:09:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:14:24 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 21 KB
21 KB 157ms
152ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 00:42:58 GMT
x-content-type-options: nosniff
age: 561395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21024
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 00:42:58 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 12 KB
12 KB 154ms
149ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG87Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6763cceefa8d31d62ac72ff2ac0dfe4ea30215fead28d7afebe5ca01cf1d9221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:20:19 GMT
x-content-type-options: nosniff
age: 526754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12644
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:05:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 10:20:19 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
20 KB 136ms
21ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ281Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f71bd192fef15e3ff9ed3e4ab1c336d6019d97e5a2b7cdcfb136176597c52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:02:04 GMT
x-content-type-options: nosniff
age: 578249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20840
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:05:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 20:02:04 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 12 KB
12 KB 163ms
48ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ287Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26854f297793040b3587a207fbbaac3b61c4b4aaefda33b720e920251896a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 12:13:55 GMT
x-content-type-options: nosniff
age: 87938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12132
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 12:13:55 GMT

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 21 KB
21 KB 75ms
73ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSQI281Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6403be855cf28f8fc7eb0ec377f8fe84e4508da830f6a1cffe96040d3c48ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:02:24 GMT
x-content-type-options: nosniff
age: 488229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21208
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:14:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 21:02:24 GMT

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
20 KB 85ms
83ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HS0Im81Rb0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0eab7c78914d952b5119684d1aed29aec2707fe7cc1b1bb75771fe87ca68b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:59:48 GMT
x-content-type-options: nosniff
age: 578385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20640
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:59:48 GMT

GET
H2 200 collect
api.jeff-app.com/lead-api/web/ 0
0 1130ms
167ms Fetch 13.233.222.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.jeff-app.com/lead-api/web/collect

Requested by

Host: scripts.jeff-app.com
URL: https://scripts.jeff-app.com/webflow/global.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.233.222.59 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-233-222-59.ap-south-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:34 GMT
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: https://www.jeff.vn
access-control-expose-headers: Authorization
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 11 KB
11 KB 134ms
52ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HToIW86Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f14805c4f59ff808400de351404874309171b89d378b87de32719d04810b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 23:49:21 GMT
x-content-type-options: nosniff
age: 305413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11100
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:12:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 23:49:21 GMT

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 11 KB
11 KB 249ms
166ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HTEJm86Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7cc6e59d8515b32c8a24943605545663453210ed0f51005e6f259224d4c35a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:37:18 GMT
x-content-type-options: nosniff
age: 565336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:06:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:37:18 GMT

GET
H3 200 QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 10 KB
10 KB 155ms
78ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw4BXoKZA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e200d0551f7d87d4c1a32ba265186be23494477b64a48accbf6198fe6e79956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 00:32:44 GMT
x-content-type-options: nosniff
age: 562010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10436
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:09:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 00:32:44 GMT

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 11 KB
11 KB 229ms
161ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG86Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce776e36ca591b5ae2ac1ef88f220a13dff461eb4ec3c2994d789853165effa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:54:48 GMT
x-content-type-options: nosniff
age: 567886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11412
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:15:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:54:48 GMT

GET
H3 200 QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 11 KB
11 KB 223ms
160ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HScJ286Rb0bcw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Be+Vietnam+Pro:300,regular,500,600,700,800,900&subset=latin,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe0e476d081283bccd12deb3adf743da1a7b9b05ec96b9cfab3a300c29430069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jeff.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 19:15:04 GMT
x-content-type-options: nosniff
age: 494670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11176
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:15:04 GMT

GET
H2 200 / Show response
page.widget.zalo.me/ Frame 4C3D 4 KB
2 KB 1310ms
221ms Document
text/html 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false

Requested by

Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

b0c187761428d550872c87ddf90f459276c115c4964ec21f9bb2715a75ba63e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 1721
date: Tue, 27 Dec 2022 12:39:35 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400
vary: Accept-Encoding, User-Agent

GET
H2 200 za.js Show response
za.zdn.vn/v3/ 20 KB
8 KB 1609ms
155ms Script
application/javascript 120.138.69.5
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://za.zdn.vn/v3/za.js?19353
Requested by: Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 120.138.69.5 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: nginx /
Resource Hash: 283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
server: nginx
age: 80
etag: W/"61dbf878-4f41"
content-type: application/javascript
access-control-allow-origin: *
content-length: 7910

GET
H3

200

activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F Show response
11882785.fls.doubleclick.net/ Frame 8C06
Redirect Chain

https://11882785.fls.doubleclick.net/activityi;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F?
https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww....

475 B
284 B

321ms
139ms

Document
text/html

142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

1e4ca3275dcf5a9339859b2df952e92a45f29d7d746375d44b9bf5c1f1335e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 592ms
14ms Script
application/javascript 2620:100:a001::f
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=98165

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

024c9e9e77b79c74bd26543ce72dfa9440aea185c5789caaa8b09814599e735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 collect
api.jeff-app.com/lead-api/web/ 0
0 337ms
174ms Fetch 13.233.222.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.jeff-app.com/lead-api/web/collect

Requested by

Host: app.jeff.vn
URL: https://app.jeff.vn/embeddable-scripts/webflow/global.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.233.222.59 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-233-222-59.ap-south-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:35 GMT
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: https://www.jeff.vn
access-control-expose-headers: Authorization
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 4C3D 11 KB
802 B 206ms
65ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be7f09031359954dc364ea96d191f84641f90b9d2e3f48ffb697968e63a8774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 12:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 12:39:36 GMT

GET
H2 200 za.js Show response
za.zdn.vn/v3/ Frame 4C3D 20 KB
8 KB 307ms
284ms Script
application/javascript 120.138.69.5
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://za.zdn.vn/v3/za.js
Requested by: Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 120.138.69.5 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: nginx /
Resource Hash: 283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
server: nginx
age: 80
etag: W/"61dbf878-4f41"
content-type: application/javascript
access-control-allow-origin: *
content-length: 7910

GET
H2 200 sdk-server-1.0.0.js Show response
sp-zp.zdn.vn/ Frame 4C3D 3 KB
3 KB 1795ms
225ms Script
application/javascript 120.138.69.12
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-zp.zdn.vn/sdk-server-1.0.0.js
Requested by: Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.138.69.12 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: ZDN /
Resource Hash: d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
last-modified: Fri, 26 Aug 2022 06:58:29 GMT
server: ZDN
age: 35970
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2889

GET
H2 200 cphandler.js Show response
page.widget.zalo.me/static/js/ Frame 4C3D 7 KB
2 KB 321ms
298ms Script
application/javascript 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/js/cphandler.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

5904f4c6de8f2b7a3912fa215e8486718e0cac1de1832f64b30f3f58c860dfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2279

GET
H2 200 zinit.js Show response
page.widget.zalo.me/static/js/ Frame 4C3D 2 KB
1 KB 312ms
290ms Script
application/javascript 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/js/zinit.js?v5

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

38488bcabc1cee15df88f71d38004a8e277c2437e84ab3d6f47328140a028f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 900

GET
H2 200 all.min.css
page.widget.zalo.me/static/css/fa/css/ Frame 4C3D 170 KB
33 KB 316ms
294ms Stylesheet
text/css 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/css/fa/css/all.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 main.607e1b85.chunk.css
page.widget.zalo.me/static/static/css/ Frame 4C3D 64 KB
26 KB 318ms
296ms Stylesheet
text/css 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

48423b721cef80b0f33cd6b9de9f72abf2d3182613c365b6a5ee4cdc273619e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 2.7b346dac.chunk.js Show response
page.widget.zalo.me/static/static/js/ Frame 4C3D 771 KB
232 KB 330ms
309ms Script
application/javascript 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

94b524da037b37726482611150004e8c576fe55047490bad7203157ccbce42ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 main.bdb050eb.chunk.js Show response
page.widget.zalo.me/static/static/js/ Frame 4C3D 165 KB
41 KB 1148ms
1133ms Script
application/javascript 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

6231a111d26346ba5baf244992fb1c699f922388a43d16d338bf5455b913c591

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:36 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F Show response
adservice.google.com/ddm/fls/i/ Frame D95A 194 B
533 B 1133ms
0ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F

Requested by

Host: 11882785.fls.doubleclick.net
URL: https://11882785.fls.doubleclick.net/activityi;dc_pre=CIep99romfwCFdcHaAgdPmAKqw;src=11882785;type=rmkt;cat=202200;ord=1654770286813;gtm=2wgbu0;auiddc=1656878325.1672144775;~oref=https%3A%2F%2Fwww.jeff.vn%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11882785.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:37 GMT
expires: Tue, 27 Dec 2022 12:39:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 t Show response
za.zalo.me/v3/w/ 193 B
633 B 1224ms
321ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/v3/w/t

Requested by

Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js?19353

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

c5bddbc9ecdca4a81b76b811b609dd28a7c6a90b6512c970ee3fe177d135d644

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
strict-transport-security: max-age=86400; includeSubdomains;
server: za-ngx-srv
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.jeff.vn
access-control-allow-credentials: true
content-length: 193
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0FAE 15 KB
6 KB 441ms
0ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.jeff.vn&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=98165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 803287
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 t Show response
za.zalo.me/v3/w/ Frame 4C3D 177 B
636 B 1048ms
339ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/v3/w/t

Requested by

Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

39ea507c0f35a222ed98e28e11661c725767890d4aaab689bff2babba8f83a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
strict-transport-security: max-age=86400; includeSubdomains;
server: za-ngx-srv
content-type: application/json; charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
content-length: 177
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 le
za.zalo.me/v3/ Frame 4C3D 0
97 B 307ms
239ms Image
text/plain 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://za.zalo.me/v3/le?msg=Set%20visitor%20id%20while%20it%20is%20invalid%3A%20&ver=2201101603&r=1672144777253

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
strict-transport-security: max-age=86400; includeSubdomains;
server: za-ngx-srv
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 505ms
98ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Dec 2022 12:39:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZfKkelH2O98+QvZJwPTUmkiV6/0tm22sf2rOR7tWSBmhN8cFP141qGXffwuyIOlrLgwkYjSyCDLF4EpViRScuQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 333ms
125ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Dec 2022 12:39:37 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7BBD08C0915F4ABBA4F004B1D834B550 Ref B: CHGEDGE1205 Ref C: 2022-12-27T12:39:38Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 zdmp_tr_px.js Show response
px.dmp.zaloapp.com/static/ Frame 4C3D 3 KB
3 KB 1553ms
271ms Script
application/javascript 49.213.114.180
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dmp.zaloapp.com/static/zdmp_tr_px.js
Requested by: Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/js/zinit.js?v5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 49.213.114.180 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software: za-ngx-srv /
Resource Hash: 0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:39 GMT
last-modified: Tue, 27 Dec 2022 07:33:52 GMT
server: za-ngx-srv
etag: "63aa9fe0-a57"
content-type: application/javascript
cache-control: no-cache, max-age=0
accept-ranges: bytes
content-length: 2647

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0FAE
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=jeff.vn&sn=ChromeSyncframe&so=0&topUrl=www.jeff.vn&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=CcBW-HwvZ29vS0VXOUE5VjdmQjc3Q0MvVFlyNWwycTNZTWgrUHZEN0pvNXdmeEtUdmtZT2lvbnhIa21RN3hjWHRFRFJTemRuNWw2eTgraVZzLzh2a1VkR1dJZ1V6S0ZLL3ViNmVIRHY3Ym5nanVmUFRGcTc4QVF1d2VEam...

443 B
673 B

198ms
49ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CcBW-HwvZ29vS0VXOUE5VjdmQjc3Q0MvVFlyNWwycTNZTWgrUHZEN0pvNXdmeEtUdmtZT2lvbnhIa21RN3hjWHRFRFJTemRuNWw2eTgraVZzLzh2a1VkR1dJZ1V6S0ZLL3ViNmVIRHY3Ym5nanVmUFRGcTc4QVF1d2VEamhWc1NtTlJpMXpnN25PTllBVyt2dFRUNjlBblYzRWNnRmt2MjA3SXQrUEpVNGhIZnJOQ1dZcVlSVzhOVW9GdkFtOC9IdVlUYmJESm9PR0hMSU1ZN1IwNXhOblhVdElsYTRpWGNsSjI1MnpHQmR2eWRwOEIrejJEWDJjSU8wK3Mwbnk2N1VWSzJNbjZyWW9ZbWljSnNqOVF4TUN0Vkw0Zz09fA&cppv=2

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac70713c9c7de0205e4abbb76e4a3233630bc6345b1974b45e7ddbf764260644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1416819
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=CcBW-HwvZ29vS0VXOUE5VjdmQjc3Q0MvVFlyNWwycTNZTWgrUHZEN0pvNXdmeEtUdmtZT2lvbnhIa21RN3hjWHRFRFJTemRuNWw2eTgraVZzLzh2a1VkR1dJZ1V6S0ZLL3ViNmVIRHY3Ym5nanVmUFRGcTc4QVF1d2VEamhWc1NtTlJpMXpnN25PTllBVyt2dFRUNjlBblYzRWNnRmt2MjA3SXQrUEpVNGhIZnJOQ1dZcVlSVzhOVW9GdkFtOC9IdVlUYmJESm9PR0hMSU1ZN1IwNXhOblhVdElsYTRpWGNsSjI1MnpHQmR2eWRwOEIrejJEWDJjSU8wK3Mwbnk2N1VWSzJNbjZyWW9ZbWljSnNqOVF4TUN0Vkw0Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270125
content-length: 0
expires: 0

GET
H2 200 translation.json Show response
page.widget.zalo.me/static/locales/vi/ Frame 4C3D 2 KB
1 KB 277ms
270ms Fetch
application/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/locales/vi/translation.json

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

49d6e676ce5f79498b995ebbf1d6ef4ad3222c87a1b8d5c6495524b1a2b38305

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: application/json
accept-ranges: bytes
content-length: 1037

GET
H2 200 149005296.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 94ms
71ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149005296.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd621304dca3b34fd138fdd09d7547384a395afc5d415e0c56cda806d8fcf728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Dec 2022 12:39:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7747ACA201E440D8497064B80AFF863 Ref B: CHGEDGE1205 Ref C: 2022-12-27T12:39:38Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1447

GET
H2 204 0
bat.bing.com/action/ 0
174 B 60ms
56ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149005296&tm=gtm002&Ver=2&mid=703f38bb-20f8-46e9-8feb-91afc45a479c&sid=86f8a7f085e311edb0dbdfac5dae3065&vid=86fb05e085e311eda44e775ce34b33c0&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Jeff%20-%20Chuy%C3%AAn%20gia%20t%C3%A0i%20ch%C3%ADnh%20t%E1%BB%91t%20nh%E1%BA%A5t%20c%E1%BB%A7a%20b%E1%BA%A1n&p=https%3A%2F%2Fwww.jeff.vn%2F&r=&lt=8813&evt=pageLoad&sv=1&rn=309516

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Dec 2022 12:39:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 672525A3D05647AA8CF2286106A86204 Ref B: CHGEDGE1205 Ref C: 2022-12-27T12:39:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 149005296 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 297ms
75ms Script
application/x-javascript 2620:1ec:49::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/149005296
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/149005296.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e83f3a276dae5cddcfeb27ef577d98a57beae669b1c6284214ee3ed98c0203fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 27 Dec 2022 12:39:38 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0i+eqYwAAAABiz8rcN4TPR4Vflp9CiRCLQ0gxQUEyMDIwNjA3MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H2 200 oa
api.widget.zalo.me/v1/ Frame 0
0 1669ms
213ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/oa?oaid=1841675626203250178

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:40 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

GET
H2 200 oa Show response
api.widget.zalo.me/v1/ Frame 4C3D 564 B
914 B 315ms
231ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/oa?oaid=1841675626203250178

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

ac0e834de60cb3e4210b85853319150e0206a13cefc8d95cee0400b9961f2319

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: 64d329381ac6a81d374ad4ca4945bb228a2875ea391f14a90e47d511a6b05a7c
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:40 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 564

GET
H2 200 zuser Show response
api.widget.zalo.me/v1/ Frame 4C3D 57 B
406 B 301ms
229ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/zuser

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:40 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 57

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-f/s/0.7.1/ 55 KB
19 KB 86ms
43ms Script
application/javascript 2620:1ec:49::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/149005296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:38 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 01wqqYwAAAABee9vgPALdQJBml/4TBYzMRE0yQUExMDkxMjA4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d913c18f6c839e"
x-azure-ref: 0i+eqYwAAAACvFvA1swAvT5muiDQ43mXSQ0gxQUEyMDIwNjA3MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H2 200 zuser
api.widget.zalo.me/v1/ Frame 0
0 1634ms
213ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/zuser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:40 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 1306ms
954ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Dec 2022 12:39:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: crrBQ0T1Z4RRSLj1e0uGPL7nbrHFm/saGbPSJn1hTnYnVueKDLgKl9/+aDxtyB/YpvkkYQiDEnmv1KDg1XgCAA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 504317807104934 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 1609ms
1299ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/504317807104934?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6eb4a68da342d97e6469040fae3fdffd68466a8aadc32dcdd3090d06cf258d01

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Dec 2022 12:39:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2s+i+Y/+Sw95qoJeOuRnCm1vg0rbxw8LCmdmmZmfkj88BiL4JFgdXj3oQJAblhH5eDFjM94Rrs1LNt8IJWQfnA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect Show response
n.clarity.ms/ 0
162 B 951ms
78ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.jeff.vn
date: Tue, 27 Dec 2022 12:39:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 tr
px.dmp.zaloapp.com/ Frame 4C3D 43 B
197 B 430ms
429ms Image
image/gif 49.213.114.180
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=c21a3773-1be7-4600-ba5f-23b510cc79ae&time=1672144779955&version=1&zscript=1&lastsrcref=https://www.jeff.vn&vid=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4YOR9_ujynBHDTfclRvp4b7qc-My_qm.1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.180 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

907be2b89def6c1267c8a7bbd7f4728d298406cdd28d4538d2e63b82e402acbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 27 Dec 2022 12:39:40 GMT
cache-control: max-age=0
strict-transport-security: max-age=86400
server: za-ngx-srv
content-type: image/gif

POST
H2 204 collect Show response
n.clarity.ms/ 0
25 B 369ms
122ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.jeff.vn
date: Tue, 27 Dec 2022 12:39:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 gen-ano Show response
za.zalo.me/ Frame 4C3D 145 B
347 B 996ms
312ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4YOR9_ujynBHDTfclRvp4b7qc-My_qm.1&anoTok=NdqLyA_arCPCVnxwgk_PpK1W2Bd_uS6F7782f-sbWe44DqUovQM0WW4nIxOvE7q

Requested by

Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

6a3355b94ee20678e7bfc11e1b4973cca33b01f3b6a0a2bbf5d51da9ce012df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://page.widget.zalo.me
date: Tue, 27 Dec 2022 12:39:42 GMT
strict-transport-security: max-age=86400; includeSubdomains;
access-control-allow-credentials: true
server: za-ngx-srv
content-length: 145
content-type: application/json; charset=utf-8

GET
H2 200 gen-ano Show response
za.zalo.me/ Frame 4C3D 145 B
348 B 938ms
286ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/gen-ano?__zi=2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4YOR9_ujynBHDTfclRvp4b7qc-My_qm.1&anoTok=NdqLyA_arCPCVnxwgk_PpK1W2Bd_uS6F7782f-sbWe44DqUovQM0WW4nIxOvE7q

Requested by

Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

b17299504515c7c386bcb998229b630d50a4396b70488c6882be348bdf158843

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://page.widget.zalo.me
date: Tue, 27 Dec 2022 12:39:42 GMT
strict-transport-security: max-age=86400; includeSubdomains;
access-control-allow-credentials: true
server: za-ngx-srv
content-length: 145
content-type: application/json; charset=utf-8

GET
H2 200 Logo.svg
page.widget.zalo.me/static/images/2.0/ Frame 4C3D 3 KB
2 KB 579ms
554ms Image
image/svg+xml 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://page.widget.zalo.me/static/images/2.0/Logo.svg

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

828962d4760d99136fb087ee72570c68dd253243694d8f8bb6cac99cb6523858

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/?position=null&oaid=1841675626203250178&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=10&leftside=false&width=440&height=813&style=2&id=fbfd48d3-fd60-443d-b600-c1b8eb7092ba&domain=www.jeff.vn&android=false&ios=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:41 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1343

GET
H2 200 fd7790535068f98a7e35116f7e5d477e.jpg
s160-ava-talk.zadn.vn/0/e/7/7/2/160/ Frame 4C3D 3 KB
4 KB 1779ms
343ms Image
image/jpg 49.213.103.120
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s160-ava-talk.zadn.vn/0/e/7/7/2/160/fd7790535068f98a7e35116f7e5d477e.jpg
Requested by: Host: www.jeff.vn
URL: https://www.jeff.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 49.213.103.120 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software: Universe /
Resource Hash: e2af94f1179813bed9fd382a0b23a359da83774374c39133d6b434af30d3f36a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://page.widget.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:42 GMT
last-modified: Tue, 27 Dec 2022 12:39:42 GMT
server: Universe
age: 15027696
x-cache-status: HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=7776000,no-transform
accept-ranges: bytes
content-length: 3526
expires: Mon, 27 Mar 2023 12:39:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 16 KB
16 KB 74ms
65ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:49:38 GMT
x-content-type-options: nosniff
age: 553803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 02:49:38 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 15 KB
15 KB 75ms
66ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 353703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:24:38 GMT

GET
H2 200 fa-regular-400.woff2
page.widget.zalo.me/static/css/fa/webfonts/ Frame 4C3D 165 KB
165 KB 614ms
593ms Font
font/woff2 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/css/fa/webfonts/fa-regular-400.woff2

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/css/fa/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:41 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 fa-light-300.woff2
page.widget.zalo.me/static/css/fa/webfonts/ Frame 4C3D 180 KB
180 KB 3812ms
3794ms Font
font/woff2 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://page.widget.zalo.me/static/css/fa/webfonts/fa-light-300.woff2

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/css/fa/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://page.widget.zalo.me/static/css/fa/css/all.min.css
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:41 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
content-type: font/woff2
accept-ranges: bytes

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 12 KB
12 KB 93ms
92ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:07:25 GMT
x-content-type-options: nosniff
age: 577936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 20:07:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 12 KB
12 KB 130ms
96ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:15:03 GMT
x-content-type-options: nosniff
age: 588278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 17:15:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 5 KB
6 KB 99ms
64ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:04:01 GMT
x-content-type-options: nosniff
age: 419740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 16:04:01 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C3D 5 KB
5 KB 144ms
103ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://page.widget.zalo.me
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 19:44:36 GMT
x-content-type-options: nosniff
age: 492905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:44:36 GMT

GET
H3 200 1043415689678719 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 244ms
134ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1043415689678719?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8905a1891952965fdf7e9e594910f8ef45d6eb97244b23fd42a1abcecfd9f5e1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Dec 2022 12:39:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tCa5bviA3sEfW3XcqLvM0fnyBxBmvYoDWH/84B3t75FO9dR7MDYV/pNrYwCIlzLPc6ZZcEnpwXig616biOXmZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 708ms
187ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504317807104934&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2F&rl=&if=false&ts=1672144782131&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672144782109.715226363&it=1672144779538&coo=false&tm=1&rqm=GET

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Dec 2022 12:39:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 log Show response
widget.chat.zalo.me/api/ Frame 4C3D 57 B
454 B 1140ms
252ms XHR
text/plain 49.213.78.128
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXna5tYlBi_QC5Hh8Q9wzxiv92C8dqh_iWmq3o2BUjUs7HG77992rxuH02C4mCZ0.1&oaId=1841675626203250178

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.78.128 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer

GET
H2 200 login-tab Show response
widget.chat.zalo.me/ Frame 4C3D 258 B
815 B 1107ms
256ms XHR
text/plain 49.213.78.128
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.chat.zalo.me/login-tab?oaId=1841675626203250178

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.78.128 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

540a7aaf1e24020989bcf193f0dc300dbbcfd9949a775ddb03808ad1e4520117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: b696aca350238a6e2ec799d562008fbc446b67d4e542a45f3480bcaf200cff27
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
server: za-ngx-srv
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 120ms
119ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.jeff.vn
date: Tue, 27 Dec 2022 12:39:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H2 200 log
widget.chat.zalo.me/api/ Frame 0
0 1353ms
430ms Preflight 49.213.78.128
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.chat.zalo.me/api/log?action=7&globalId=2000.SSZzwP5AMiydtRwqrXHCmIQKhAcS2KZPPy2WeD4B1zKXphZxXna5tYlBi_QC5Hh8Q9wzxiv92C8dqh_iWmq3o2BUjUs7HG77992rxuH02C4mCZ0.1&oaId=1841675626203250178

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.78.128 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:43 GMT
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains

OPTIONS
H2 200 login-tab
widget.chat.zalo.me/ Frame 0
0 1310ms
449ms Preflight 49.213.78.128
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.chat.zalo.me/login-tab?oaId=1841675626203250178

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.78.128 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:43 GMT
server: za-ngx-srv
strict-transport-security: max-age=31536000; includeSubdomains

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 222ms
109ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1043415689678719&ev=PageView&dl=https%3A%2F%2Fwww.jeff.vn%2F&rl=&if=false&ts=1672144784708&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672144782109.715226363&it=1672144779538&coo=false&tm=1&rqm=GET

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Dec 2022 12:39:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 oa Show response
api.widget.zalo.me/v1/ Frame 4C3D 1 KB
2 KB 8526ms
8455ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/oa?oaid=1841675626203250178

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

59be0edb3392544b773153f19d80454f48a37bc31c722215a765ef6f5c7db0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: 64d329381ac6a81d374ad4ca4945bb228a2875ea391f14a90e47d511a6b05a7c
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:45 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 1264

GET
H2 200 zuser Show response
api.widget.zalo.me/v1/ Frame 4C3D 57 B
406 B 8517ms
8453ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/zuser

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:45 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 57

OPTIONS
H2 200 oa
api.widget.zalo.me/v1/ Frame 0
0 309ms
256ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/oa?oaid=1841675626203250178

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:45 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D4B1 0
15 B 168ms
136ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.jeff.vn
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.jeff.vn
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:45 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 zuser
api.widget.zalo.me/v1/ Frame 0
0 297ms
282ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/zuser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:45 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4054 0
15 B 153ms
68ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.jeff.vn
URL: https://www.jeff.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.jeff.vn
Referer: https://www.jeff.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.jeff.vn
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 12:39:46 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&RedC=c.clarity.ms&MXFR=14810E6891E860291E9C1CEF95E86EF6
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&MUID=023BE837598E647E0953FAB058EC65EB

42 B
442 B

315ms
46ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&MUID=023BE837598E647E0953FAB058EC65EB
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:46 GMT
last-modified: Tue, 13 Dec 2022 22:41:45 GMT
server: Microsoft-IIS/10.0
etag: "fccf6a1444fd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A516390608164BA6A731142074C87BDA Ref B: CHGEDGE1205 Ref C: 2022-12-27T12:39:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=469CC287E6CE4DFC880571FAA5565D45&MUID=023BE837598E647E0953FAB058EC65EB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 374ms
38ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Dec 2022 11:11:08 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5318
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 27 Dec 2022 13:11:08 GMT

GET
H2 200 c946221a-b52c-4331-a28e-1cb0bf89cc6f.js Show response
clientcdn.pushengage.com/core/ 118 KB
26 KB 427ms
162ms Script
application/javascript 143.204.146.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-81.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: d5795e14c6ef42e807e4f928011c439e4ce75d2abe1e85e4ed0cded8802f3c24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:46 GMT
content-encoding: gzip
via: 1.1 b078462cffa3a81b6e262ef7f6040412.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR52-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5-SmtI6yr3j-160FLnseBzUwGMhst0lWFNiYiFfZiXXXCyuFj0yODw==

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODN...
https://widget.as.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODN...

9 KB
4 KB

1376ms
577ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODNhaTdDUWFjZzV1cEZUM0clMkJnVlJ2bUtqOVklMkZETWlvYVlVRVNmajR4OVJWNlRGYTBwbWtRdDYxYlJMdHI3eEUwQzIlMkZwM2UyVWxsenJRJTJCNlp6VHhpWU5BSEhpYzE3WCUyQlRwYjFnJTNEJTNE&tld=jeff.vn&dy=1&fu=https%253A%252F%252Fwww.jeff.vn%252F&dtycbr=34842

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

73c258d94c02c25cd09943f3978123945ee2eaf8d5ab161c9c3438898bc081e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8581853
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.as.criteo.com/event?a=98165&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODNhaTdDUWFjZzV1cEZUM0clMkJnVlJ2bUtqOVklMkZETWlvYVlVRVNmajR4OVJWNlRGYTBwbWtRdDYxYlJMdHI3eEUwQzIlMkZwM2UyVWxsenJRJTJCNlp6VHhpWU5BSEhpYzE3WCUyQlRwYjFnJTNEJTNE&tld=jeff.vn&dy=1&fu=https%253A%252F%252Fwww.jeff.vn%252F&dtycbr=34842
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12637346
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
80 KB 281ms
98ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7RLV1ZQ10L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJM8NRK

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5859f13966cc071dd0e5793cc9898a3ee689b5f7e2946a90067c8d75e5440ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Dec 2022 12:39:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
438 B 1152ms
544ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150685598-1&cid=1350616768.1672144787&jid=855181175&gjid=1157165759&_gid=753035021.1672144787&_u=YGBAiEABBAAAAEABI~&z=104989408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Dec 2022 12:39:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jeff.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 1130ms
532ms Image
image/gif 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=701803179&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jeff.vn%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Jeff%20-%20Chuy%C3%AAn%20gia%20t%C3%A0i%20ch%C3%ADnh%20t%E1%BB%91t%20nh%E1%BA%A5t%20c%E1%BB%A7a%20b%E1%BA%A1n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAABI~&jid=855181175&gjid=1157165759&cid=1350616768.1672144787&tid=UA-150685598-1&_gid=753035021.1672144787&gtm=2wgbu0WJM8NRK&cd2=&cd6=&cd7=&z=1423802716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 01:51:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
345 B 709ms
55ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7RLV1ZQ10L&gtm=2oebu0&_p=701803179&_gaz=1&cid=1350616768.1672144787&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dr=&sid=1672144787&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeff.vn%2F&dt=Jeff%20-%20Chuy%C3%AAn%20gia%20t%C3%A0i%20ch%C3%ADnh%20t%E1%BB%91t%20nh%E1%BA%A5t%20c%E1%BB%A7a%20b%E1%BA%A1n&uid=&en=page_view&_fv=1&_ss=2&up.lead_type=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7RLV1ZQ10L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jeff.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 606ms
552ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7RLV1ZQ10L&cid=1350616768.1672144787&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7RLV1ZQ10L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jeff.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dialog.css
jeffvn.pushengage.com/ 15 KB
3 KB 604ms
89ms Stylesheet
text/css 3.232.61.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jeffvn.pushengage.com/dialog.css
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/c946221a-b52c-4331-a28e-1cb0bf89cc6f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.61.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-61-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bed87ccdb41fe7089a16ff17d62243f74ceff43688d671782f8b593510b181f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Dec 2022 12:39:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8

GET
H2 200 gmz3hnkzs7io9b.png
assetscdn.pushengage.com/client_images/57962/ 4 KB
4 KB 585ms
103ms Image
image/png 54.230.163.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn.pushengage.com/client_images/57962/gmz3hnkzs7io9b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-117.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a447caa7d06cb9ae3e26e76cae688bcb770dba896a07c1c7ff7b5c8d381e29f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:07:33 GMT
via: 1.1 ffb3cace5d647f21fdf8c68c16a8f2fa.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 09:25:47 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 2172736
etag: "342c976bc9b1767fe1ec12d961406cae"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3686
x-amz-cf-id: COzcMFu7i8HY9CqwNzOUiHchO41h1SdIWJiEh8mtnKLS8h7gKxrvhg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 237ms
78ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-150685598-1&cid=1350616768.1672144787&jid=855181175&_u=YGBAiEABBAAAAEABI~&z=2010238826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jeff.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 33BF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30

43 B
510 B

255ms
77ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 12:39:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HRidwC4YQWQ6ylpeu8dxc61FQy--nAfzi9hP8g&expires=30
Date: Tue, 27 Dec 2022 12:39:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 33BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_cm&google_hm=ay12d2h6OXk0WVFXUTZ5bHBldThkeGM2MUZReTg0aThIM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_gid=CAESENZFqIs3joglBPaFsrJYycE&google_cver=1&google_ula=913071,0

43 B
370 B

425ms
128ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_gid=CAESENZFqIs3joglBPaFsrJYycE&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1239615
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&google_gid=CAESENZFqIs3joglBPaFsrJYycE&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 33BF
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5237292989423770793

43 B
370 B

162ms
136ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5237292989423770793

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1447697
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 27 Dec 2022 12:39:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 167.88.7.162; 167.88.7.162; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56107111-bac6-4f87-9240-890d9aed1a10
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5237292989423770793
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 33BF
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&custom=&tag_format=img&tag_action=sync&custom=&cb=e9982e07-e945-4152-ad7a-95de50f...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-vwhz9y4YQWQ6ylpeu8dxc61FQy84i8H2oZpeBQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=e9982e07-e945-415...
https://ws.rqtrk.eu/pushpull?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=8d188c20-85e3-11ed-bf67-ffac9eefc1f6&cb=167214478896...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3eaede15-82d3-444a-9156-d69414c32fc2&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1672144788960

0
590 B

164ms
93ms

Image
text/plain

52.44.84.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3eaede15-82d3-444a-9156-d69414c32fc2&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1672144788960
Protocol: HTTP/1.1
Server: 52.44.84.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-84-189.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Tue, 27 Dec 2022 12:39:49 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:49 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3eaede15-82d3-444a-9156-d69414c32fc2&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1672144788960
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 0
expires: Tue, 27 Dec 2022 12:39:48 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame 33BF
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg&C=1

43 B
869 B

450ms
175ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4cUWCbn9fJWMzeLHLyjE3t4HakW%2FzZn41C4c1b%2Fyw98Z9aQfmBUWDxt4woCAGpv8pDBWWNWicZMwOyABIqhD0RUaPGx9XMUK5Kuxs2GGb2Di6fKYrFU6PVuRZf4%2F74D%2BCn7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78021f02f8b12a4e-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlNFWzeRBYm60OBH5FR1TEyctA4UyTMtKKIK%2BSoLxvq%2FGc3XI%2FvOz9whZyzhc6e8s5FHMSGLCEUW%2Fd6x1BZ%2F8JsG55%2FIE3jThVO6HG4K%2B2aI%2F3I5LBbh45lkKvPWWMqjYRPN"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-hoHC5i4YQWQ6ylpeu8dxc61FQy_ZEw0BXyfjcg&C=1
cache-control: no-cache
cf-ray: 78021f008c7e8140-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 33BF
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ

43 B
449 B

324ms
37ms

Image
image/gif

34.198.56.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ
Protocol: H2
Server: 34.198.56.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-56-80.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Dec 2022 12:39:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0LkYuS4YQWQ6ylpeu8dxc61FQy-XsCqoHts-lQ
date: Tue, 27 Dec 2022 12:39:48 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 33BF 45 B
787 B 428ms
125ms Image
image/gif 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-WW73qC4YQWQ6ylpeu8dxc61FQy_VYMBp6Nojcw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 12:39:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Tue, 27 Dec 2022 12:39:48 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 33BF 0
308 B 372ms
66ms Image
text/plain 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-cpMpKS4YQWQ6ylpeu8dxc61FQy9gglYZo3NKrg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 12:39:48 GMT
Cache-Control: no-cache
X-TraceId: 277e2c31c0189fda16c9430e4277abc9
Content-Length: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 33BF 42 B
786 B 420ms
141ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-4-ld_y4YQWQ6ylpeu8dxc61FQy9RTJl0lZtK0g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 33BF 68 B
280 B 480ms
52ms Image
image/png 54.84.41.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Q4ci4S4YQWQ6ylpeu8dxc61FQy8wBCIwdNecCQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.41.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-41-227.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:48 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 33BF 43 B
687 B 483ms
69ms Image
image/gif 199.187.193.193
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ZWGu1i4YQWQ6ylpeu8dxc61FQy9el6I_86PtAw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 33BF 0
231 B 458ms
61ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ijwGvi4YQWQ6ylpeu8dxc61FQy8ZxauBko5HFA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 53899

GET
H2 200 um
criteo-sync.teads.tv/ Frame 33BF 23 B
288 B 528ms
84ms Image
image/gif 23.64.61.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-6HZw7i4YQWQ6ylpeu8dxc61FQy_FF9hbegQceA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.61.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-61-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 27 Dec 2022 12:39:49 GMT
pragma: no-cache
date: Tue, 27 Dec 2022 12:39:49 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 33BF
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
355 B

78ms
74ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 27 Dec 2022 12:39:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-qfBjnS4YQWQ6ylpeu8dxc61FQy8Nt-XCamStvg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 27 Dec 2022 12:39:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 33BF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ&verify=true

0
121 B

170ms
51ms

Image
text/plain

3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ&verify=true

Protocol

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-br33ni4YQWQ6ylpeu8dxc61FQy8u3R7La7lcwQ&verify=true
date: Tue, 27 Dec 2022 12:39:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 put
e1.emxdgt.com/ Frame 33BF 43 B
120 B 335ms
63ms Image
image/gif 18.214.193.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-v3uodS4YQWQ6ylpeu8dxc61FQy-MyjXNjvZTOQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-193-123.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:48 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 33BF 43 B
869 B 1182ms
185ms Image
image/gif 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-8yD4Sy4YQWQ6ylpeu8dxc61FQy91KOBP9nVsYw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Tue, 27 Dec 2022 12:39:50 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-8yD4Sy4YQWQ6ylpeu8dxc61FQy91KOBP9nVsYw","cluster_id":0,"gdpr":false,"ipv4":"167.88.7.162","key":"Y6rnlsCo5ucAAMRHUIUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40263"}
X-SO-Key: Y6rnlsCo5ucAAMRHUIUAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40263
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40263.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 43
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-IP: 167.88.7.162

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 33BF 49 B
341 B 469ms
91ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Kp0BXy4YQWQ6ylpeu8dxc61FQy_k-1yaHaL7Cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:49 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 33BF
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=

62 B
525 B

746ms
141ms

Image
image/gif

184.50.205.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=
Protocol: H2
Server: 184.50.205.247 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-50-205-247.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 27 Dec 2022 12:39:49 GMT
content-length: 62
bk-server: fd32
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=
date: Tue, 27 Dec 2022 12:39:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1325013
content-length: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 33BF 43 B
496 B 419ms
76ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-BVDpKy4YQWQ6ylpeu8dxc61FQy_YeVojUfbNPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Dec 2022 12:39:49 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1672144789574006-287

GET
H2 200 sync
matching.ivitrack.com/ Frame 33BF 42 B
274 B 382ms
149ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Cg7tvy4YQWQ6ylpeu8dxc61FQy9eHHq9vWUwUA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:49 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 33BF
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A&_li_chk=true&previous_uuid=faccf1bbc5fe45a792c6452b98e90deb
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A

43 B
436 B

266ms
46ms

Image
image/gif

2600:1f18:ed:550e:9109:3f2f:4dfb:6442
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:9109:3f2f:4dfb:6442 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 12:39:50 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-bFxSFi4YQWQ6ylpeu8dxc61FQy9zjml-n3G91A
Date: Tue, 27 Dec 2022 12:39:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 33BF 0
967 B 758ms
73ms Image
text/html 107.21.7.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-IPW6fi4YQWQ6ylpeu8dxc61FQy9oQVwLcjVeAg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.7.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-7-4.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:50 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 33BF 42 B
225 B 120ms
60ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-yXIFvC4YQWQ6ylpeu8dxc61FQy8_03RU5C-rfg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:48 GMT
last-modified: Tue, 13 Dec 2022 22:44:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 90D95C5379C844DCAA311C1671EE7BFF Ref B: CHGEDGE1205 Ref C: 2022-12-27T12:39:49Z
etag: "8723e58344fd91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 33BF 43 B
539 B 834ms
162ms Image
image/gif 3.84.48.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-ctAnnC4YQWQ6ylpeu8dxc61FQy9uu2ZjrnXx_w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.84.48.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-84-48-245.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:50 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 33BF 42 B
579 B 632ms
68ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-4W6H1S4YQWQ6ylpeu8dxc61FQy-ijYuJxgN_AQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 27 Dec 2022 12:39:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK pixel_sync
trends.revcontent.com/cm/ Frame 33BF 0
0 861ms
198ms Image
application/json 44.206.137.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-QITqLS4YQWQ6ylpeu8dxc61FQy_UJ4Cm2v6r3Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.137.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-137-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame 33BF
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ&cookieCheck=1

0
556 B

198ms
175ms

Image
text/plain

2600:9000:2209:3800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ&cookieCheck=1
Protocol: H2
Server: 2600:9000:2209:3800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:50 GMT
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: t6epkhVAti401e36kuOZXuwxla5BlwfbTZmeH_9z4Mhn61SH7FpFOQ==

Redirect headers

date: Tue, 27 Dec 2022 12:39:50 GMT
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-AJNrai4YQWQ6ylpeu8dxc61FQy8s3YCxNl_jmQ&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: eE_ahNO1NbdnAAoh4kVTQUQUivUXTXacSsPIhTTJkwRqt4pWCDwTNA==

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 33BF
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb

42 B
940 B

88ms
86ms

Image
image/gif

107.20.252.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb

Protocol

HTTP/1.1

Server

107.20.252.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-252-73.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0c19b834a.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DqAOq3m6Sz8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v044-090086c49.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EYpEEtoxTis=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SYnY7gHDQiWZI6g54_x87REOlcpwDjzb
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 132ms
58ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.jeff.vn
date: Tue, 27 Dec 2022 12:39:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 33BF
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=jcQQYT-TJaF91Lamh3NjqUoxqARbg8rr

43 B
654 B

194ms
59ms

Image
image/gif

13.225.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=jcQQYT-TJaF91Lamh3NjqUoxqARbg8rr
Protocol: H2
Server: 13.225.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-90.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 12:39:50 GMT
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: KisFeYiqTTHYqCOJBj5RxA7jobhi2eyGxDysN0ZwQjklHz9tLMl0Xw==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=jcQQYT-TJaF91Lamh3NjqUoxqARbg8rr
date: Tue, 27 Dec 2022 12:39:49 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1560614
content-length: 0

GET
H2 200 stk-cate Show response
api.widget.zalo.me/v1/ Frame 4C3D 701 B
1 KB 241ms
240ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

d46de924119d6c61f1c8b47daa6c382779574aba8a065932e0d3b4f775167cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: 39b5ae7f9de909a0cfdf2eb828a6a061bf1178d650333416d0675a742e50c19a
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:54 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 701

OPTIONS
H2 200 stk-cate
api.widget.zalo.me/v1/ Frame 0
0 247ms
244ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:54 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

OPTIONS
H2 200 stickers
api.widget.zalo.me/v1/stk-cate/ Frame 0
0 242ms
241ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate/stickers?cate_id=39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:54 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

GET
H2 200 stickers Show response
api.widget.zalo.me/v1/stk-cate/ Frame 4C3D 750 B
1 KB 246ms
241ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate/stickers?cate_id=39

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

089c39401ae7014d4f3077bb6c9c321c6e0fbe56bf3a6869a379d77447abf21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: 28db5fe4842487a1e00101ce55fa177811beb1cca7f1d8d12b18b2b0b7a399a7
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:55 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 750

GET
H2 200 stickers Show response
api.widget.zalo.me/v1/stk-cate/ Frame 4C3D 3 KB
3 KB 244ms
242ms XHR
text/json 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate/stickers?cate_id=0

Requested by

Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

ac2a9a77b800b9a4179e95288a1b72e42aa2f414d9aba7162dded3df6f4d2f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://page.widget.zalo.me/
accept-language: en-US,en;q=0.9
Authorization: 28db5fe4842487a1e00101ce55fa177811beb1cca7f1d8d12b18b2b0b7a399a7
Zreferrer: www.jeff.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 12:39:55 GMT
strict-transport-security: max-age=86400
server: za-ngx-srv
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/json;charset=utf-8
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length: 2926

OPTIONS
H2 200 stickers
api.widget.zalo.me/v1/stk-cate/ Frame 0
0 370ms
369ms Preflight 49.213.114.167
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.zalo.me/v1/stk-cate/stickers?cate_id=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.167 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,zreferrer
Access-Control-Request-Method: GET
Origin: https://page.widget.zalo.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://page.widget.zalo.me
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
date: Tue, 27 Dec 2022 12:39:54 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 44ms
43ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.jeff.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.jeff.vn
date: Tue, 27 Dec 2022 12:39:58 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 09:12:16	Name: _li_ss Value: MgkI_____wcQhxQ
app.jeff.vn/	1970-01-20 08:39:09	Name: AWSALB Value: IGxSxGW6d+6wNjUJ+3YMaFhuJe2gydhwXw621aHq+J3E0yH4KTiLQYHVDOVetjXwraTefZRVxk0EPaJd2XRNN/rrHDSSJ2bDPCdZOROYP4erzo8yAcIgZaCBFDNF
app.jeff.vn/	1970-01-20 08:39:09	Name: AWSALBCORS Value: IGxSxGW6d+6wNjUJ+3YMaFhuJe2gydhwXw621aHq+J3E0yH4KTiLQYHVDOVetjXwraTefZRVxk0EPaJd2XRNN/rrHDSSJ2bDPCdZOROYP4erzo8yAcIgZaCBFDNF
.jeff.vn/	1970-01-20 10:38:40	Name: _gcl_au Value: 1.1.1656878325.1672144775
.jeff.vn/	1970-01-20 08:29:06	Name: _sp_ses.4563 Value: *
.jeff.vn/	1970-01-20 18:05:04	Name: _sp_id.4563 Value: 8d4e5b8c-ffda-4579-b5c5-89dc7854c589.1672144776.1.1672144776..5d87905e-64dd-4d15-99c9-c77241446b2c....0
.criteo.com/	1970-01-20 17:50:40	Name: uid Value: b37145f4-00ba-4efb-b153-288b2cef32b5
.zalo.me/	1970-01-20 18:05:04	Name: __zi Value: 2000.UelfvS0R1PqpcVIltHyTt6UL_Rp1G4YOR9_ujynBHDTfclRvp4b7qc-My_qm.1
.jeff.vn/	1970-01-20 18:05:04	Name: __zi Value: 2000.SSZzejyD4jijZBcnrqaGZpF2jwcL5GA5BT3rkuC73TibqhZ_Y0q8q2ZUlR2D3m-UADo-jOi32far.1
.bing.com/	1970-01-20 17:50:40	Name: MUID Value: 023BE837598E647E0953FAB058EC65EB
.bat.bing.com/	1970-01-20 08:39:09	Name: MR Value: 0
.jeff.vn/	1970-01-20 08:30:31	Name: _uetsid Value: 86f8a7f085e311edb0dbdfac5dae3065
.jeff.vn/	1970-01-20 17:50:40	Name: _uetvid Value: 86fb05e085e311eda44e775ce34b33c0
.jeff.vn/	1970-01-20 17:58:28	Name: cto_bundle Value: 22fuoV9MJTJCQ0huUFY0RU1vNG9ZV09OdVAyUThxJTJGcHEwSmFJRjRDT1U2Tk0lMkJPeFpxV2lHbkNJODNhaTdDUWFjZzV1cEZUM0clMkJnVlJ2bUtqOVklMkZETWlvYVlVRVNmajR4OVJWNlRGYTBwbWtRdDYxYlJMdHI3eEUwQzIlMkZwM2UyVWxsenJRJTJCNlp6VHhpWU5BSEhpYzE3WCUyQlRwYjFnJTNEJTNE
www.clarity.ms/	1970-01-20 17:14:40	Name: CLID Value: e2a2ccabb4b04a63b4805082fdb438e2.20221227.20231227
.jeff.vn/	1970-01-20 17:14:40	Name: _clck Value: 1oac3wb\|1\|f7r\|0
.jeff.vn/	1970-01-20 08:30:31	Name: _clsk Value: 1jybw6o\|1672144780578\|1\|1\|n.clarity.ms/collect
.jeff.vn/	1970-01-20 10:38:40	Name: _fbp Value: fb.1.1672144782109.715226363
.zalo.me/	1970-01-20 08:39:09	Name: zoaw_sek Value: yFN5.1000475794.0.vdaiJq3x7R7Izx-AGFiTiK3x7R50-nsnGMlw6oE47R4
.zalo.me/	1970-01-20 08:39:09	Name: zoaw_type Value: 0
.jeff.vn/	1970-01-20 08:30:31	Name: _gid Value: GA1.2.753035021.1672144787
.c.bing.com/	1970-01-20 08:39:09	Name: MR Value: 0
.c.bing.com/	1970-01-20 17:50:40	Name: SRM_B Value: 023BE837598E647E0953FAB058EC65EB
.jeff.vn/	1970-01-20 08:29:04	Name: _dc_gtm_UA-150685598-1 Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:50:40	Name: MUID Value: 023BE837598E647E0953FAB058EC65EB
.c.clarity.ms/	1970-01-20 08:39:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 08:29:05	Name: ANONCHK Value: 0
.jeff.vn/	1970-01-20 18:05:04	Name: _ga_7RLV1ZQ10L Value: GS1.1.1672144787.1.0.1672144787.60.0.0
.jeff.vn/	1970-01-20 18:05:04	Name: _ga Value: GA1.1.1350616768.1672144787
.doubleclick.net/	1970-01-20 18:05:04	Name: IDE Value: AHWqTUlF1CjFOkIKZnl15uv7I7GIDgMHwrqmkx6ceP7cd17d-liDWS3J8UJ_KwxoNQ0
.360yield.com/	1970-01-20 10:38:40	Name: tuuid Value: 1419fa57-711e-4991-96d7-80d474f09e30
.360yield.com/	1970-01-20 10:38:40	Name: tuuid_lu Value: 1672144788
.adnxs.com/	1970-01-20 10:38:40	Name: uuid2 Value: 5237292989423770793
.casalemedia.com/	1970-01-20 17:14:40	Name: CMID Value: Y6rnlGJpgfQVQablEEyAZwAA
.casalemedia.com/	1970-01-20 10:38:40	Name: CMPS Value: 088
.casalemedia.com/	1970-01-20 10:38:40	Name: CMPRO Value: 088
.outbrain.com/	1970-01-20 10:38:40	Name: obuid Value: 1b023258-4518-44fb-b814-edc2bd6b86b9
.bidswitch.net/	1970-01-20 17:14:40	Name: tuuid Value: 32fb00b4-bbcb-41e7-9337-f89ddb4eefaf
.bidswitch.net/	1970-01-20 17:14:40	Name: c Value: 1672144788
.bidswitch.net/	1970-01-20 17:14:40	Name: tuuid_lu Value: 1672144788
.media.net/	1970-01-20 17:14:40	Name: visitor-id Value: 3151463886419466000V10
.media.net/	1970-01-20 09:12:16	Name: data-c-ts Value: 1672144788
.media.net/	1970-01-20 09:12:16	Name: data-c Value: k-WW73qC4YQWQ6ylpeu8dxc61FQy_VYMBp6Nojcw~~3
.rubiconproject.com/	1970-01-20 17:14:40	Name: khaos Value: LC67U0E0-M-DSHT
.rubiconproject.com/	1970-01-20 17:14:40	Name: audit Value: 1\|SKXI3CSmyrZ5U5GQwThbZFRU8PDGf+f8WI3n7Fgmx5jbv+B75popqo3/PxFSxtw/jnyjSSg4rECM1KxoLazIt+aleybw1oy9Ba0etFFpiE2ejv7fwNyuH/OqweqTeh8LzYNIreKYS+DRKVf1UTESftkjEZKQB/sTK1LsbZ5AJNfmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.360yield.com/	1970-01-20 10:38:40	Name: um Value: !38,U2pY4Y9MfnJCGT6DAHNE3-.NhqXqrLlS0ZG4Ph50oO3lSkoF9EIMQjYAgdYNkWKYbPdd.ku8,1679920788
.360yield.com/	1970-01-20 10:38:40	Name: umeh Value: !38,0,1734352788,-1
.mediawallahscript.com/	1970-01-20 18:05:04	Name: mCookie Value: 8d188c20-85e3-11ed-bf67-ffac9eefc1f6
.mediawallahscript.com/	1970-01-20 08:30:31	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_12_2022 Value: %7B%22rkIE1%22%3A1%7D
.mediawallahscript.com/	1970-01-20 18:05:04	Name: mUserCookie Value: %7B%7D
.sharethrough.com/	1970-01-20 09:12:16	Name: stx_user_id Value: a699c303-3715-4a03-baca-10f3ecd2b85b
.bluekai.com/	1970-01-20 12:48:16	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 12:48:16	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LxD9gxGnwx==
.bluekai.com/	1970-01-20 12:48:16	Name: bku Value: uUW99JU73ZwpFFWh
.casalemedia.com/	1970-01-20 10:38:40	Name: CMTS Value: 1438
.taboola.com/	1970-01-20 17:14:40	Name: t_gid Value: 5b5e13a1-5910-44b3-99ba-585f301bbc46-tuctaa46d15
.3lift.com/	1970-01-20 10:38:40	Name: tluid Value: 4647842833676825382240
.smartadserver.com/	1970-01-20 17:59:19	Name: pid Value: 236143237981263825
.smartadserver.com/	1970-01-20 17:59:19	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:14:40	Name: csync Value: 79:k-ZWGu1i4YQWQ6ylpeu8dxc61FQy9el6I_86PtAw
.yahoo.com/	1970-01-20 17:15:02	Name: A3 Value: d=AQABBJXnqmMCEO82ESZFupteNOV57QwQiRUFEgEBAQE5rGO0YwAAAAAA_eMAAA&S=AQAAAtBzAAYSEy7MdnO5iYPBlik
.rqtrk.eu/	1970-01-20 08:39:09	Name: browser_id Value: 1:3eaede15-82d3-444a-9156-d69414c32fc2
.teads.tv/	1970-01-20 17:13:14	Name: tt_viewer Value: 8974fb84-1506-4c56-9dd3-0ba2b5fa6579
.analytics.yahoo.com/	1970-01-20 17:14:40	Name: IDSYNC Value: 18zh~2930
.omnitagjs.com/	1970-01-20 09:12:16	Name: ayl_visitor Value: 53621f1c7a19ead8945ea16de2c556f8
.ads.stickyadstv.com/	1970-01-20 09:12:16	Name: UID Value: 9ec56310ba0489ca3fb240123e9ee9
.pubmatic.com/	1970-01-20 09:12:16	Name: KRTBCOOKIE_97 Value: 3385-uid:k-4W6H1S4YQWQ6ylpeu8dxc61FQy-ijYuJxgN_AQ&KRTB&23144-uid:k-4W6H1S4YQWQ6ylpeu8dxc61FQy-ijYuJxgN_AQ&KRTB&23286-uid:k-4W6H1S4YQWQ6ylpeu8dxc61FQy-ijYuJxgN_AQ&KRTB&23287-uid:k-4W6H1S4YQWQ6ylpeu8dxc61FQy-ijYuJxgN_AQ
.pubmatic.com/	1970-01-20 09:12:16	Name: PugT Value: 1672144790
.smaato.net/	1970-01-20 08:59:19	Name: SCM Value: 6c9d66b4
exchange.mediavine.com/	1970-01-20 08:49:14	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%228dcdf970-85e3-11ed-a8af-81abcdb06d3a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 08:49:14	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%228dcdf970-85e3-11ed-a8af-81abcdb06d3a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 08:49:14	Name: am_tokens Value: %7B%22mv_uuid%22%3A%228dcdf970-85e3-11ed-a8af-81abcdb06d3a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 08:49:14	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%228dcdf970-85e3-11ed-a8af-81abcdb06d3a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 08:49:14	Name: criteo Value: %7B%22id%22%3A%22k-IPW6fi4YQWQ6ylpeu8dxc61FQy9oQVwLcjVeAg%22%2C%22version%22%3A%22criteo%22%7D
.liadm.com/	1970-01-20 18:05:04	Name: lidid Value: faccf1bb-c5fe-45a7-92c6-452b98e90deb
.postrelease.com/	1970-01-20 17:14:40	Name: visitor Value: aa7f6015-0534-440f-ae15-c6f24370009f
.postrelease.com/	1970-01-20 17:14:40	Name: status Value: 0
.demdex.net/	1970-01-20 12:48:16	Name: demdex Value: 79236929330711948383366700042553473166
.socdm.com/	1970-01-20 18:05:04	Name: SOC Value: Y6rnlsCo5ucAAMRHUIUAAAAA
.smaato.net/	1970-01-20 08:44:11	Name: SCM1001851 Value: 6c9d66b4
.dpm.demdex.net/	1970-01-20 12:48:16	Name: dpm Value: 79236929330711948383366700042553473166
.agkn.com/	1970-01-20 17:14:40	Name: ab Value: 0001%3AiAsfnLHtTYbrGzENZ69lGle0I2HQeQ0S

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11882785.fls.doubleclick.net
aa.agkn.com
ad.360yield.com
ads.stickyadstv.com
adservice.google.com
ajax.googleapis.com
analytics.google.com
api.jeff-app.com
api.widget.zalo.me
app.jeff.vn
assets-global.website-files.com
assetscdn.pushengage.com
bat.bing.com
c.bing.com
c.clarity.ms
clientcdn.pushengage.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
d3e54v103j8qbb.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
jadserve.postrelease.com
jeff.vn
jeffvn.pushengage.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
n.clarity.ms
page.widget.zalo.me
partner.mediawallahscript.com
pixel.rubiconproject.com
px.dmp.zaloapp.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s160-ava-talk.zadn.vn
scripts.jeff-app.com
simage2.pubmatic.com
sp-zp.zdn.vn
sp.zalo.me
sslwidget.criteo.com
static.jeff-app.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tags.bluekai.com
tg.socdm.com
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.as.criteo.com
widget.chat.zalo.me
ws.rqtrk.eu
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.jeff.vn
x.bidswitch.net
za.zalo.me
za.zdn.vn
107.20.252.73
107.21.7.4
120.138.69.12
120.138.69.5
13.225.214.90
13.225.223.26
13.233.222.59
13.33.81.115
141.226.224.48
142.250.65.198
142.250.81.226
143.204.146.81
15.235.42.104
16.162.101.137
172.64.154.237
18.167.29.181
18.214.193.123
182.161.74.16
184.50.205.247
195.244.31.10
199.187.193.193
20.110.81.91
202.241.208.100
23.41.168.23
23.64.61.36
2600:1f18:2489:8200::c8
2600:1f18:2489:8201::c8
2600:1f18:ed:550e:9109:3f2f:4dfb:6442
2600:9000:21ea:6c00:12:9e5f:cac0:93a1
2600:9000:2209:3800:1b:5138:8a40:93a1
2607:f8b0:4004:c08::9a
2607:f8b0:4006:809::2008
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80d::200e
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:823::200e
2620:100:a001::c
2620:100:a001::f
2620:1ec:49::40
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.218.90.66
3.232.61.250
3.84.48.245
34.117.157.22
34.198.56.80
35.211.178.172
44.206.137.207
49.213.103.120
49.213.114.132
49.213.114.149
49.213.114.167
49.213.114.180
49.213.78.128
52.184.204.244
52.223.22.214
52.44.141.176
52.44.84.189
54.230.163.117
54.84.41.227
63.251.28.233
68.67.179.166
69.173.151.100
70.42.32.255
74.119.119.139
74.119.119.150
8.28.7.83
024c9e9e77b79c74bd26543ce72dfa9440aea185c5789caaa8b09814599e735b
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
062e92de33a45fd783639d799f66c932c1ee42521c45c53f54a2d06e03ba4771
089c39401ae7014d4f3077bb6c9c321c6e0fbe56bf3a6869a379d77447abf21f
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f7242dd0414ccc179b5e08a6bcd8e8334683f4339d1f7bb082555d4ea1684a6
156331c2fdfe86f5e79d38f439c1480d02df2ef6d48ab83fdf0e845b1a1e5a44
16f7f28cd79e331da4b267c4d9a440a07490d687037645987ea93a68edd9e11d
1d8fa817c71210c8d7c59e7f4ad3a7356eadfe48c8f1b95b68422224dd48cf4d
1e4ca3275dcf5a9339859b2df952e92a45f29d7d746375d44b9bf5c1f1335e5a
22f84898dfaf6b30e6fe24bcc4eff0a3d32ac4f6f6dc14860344a0d729020d0c
283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
365249e41bfabdf507ed0245435432051a32507efa3aa255872f43c6e9c6ece5
38488bcabc1cee15df88f71d38004a8e277c2437e84ab3d6f47328140a028f4a
39ea507c0f35a222ed98e28e11661c725767890d4aaab689bff2babba8f83a2b
39f71bd192fef15e3ff9ed3e4ab1c336d6019d97e5a2b7cdcfb136176597c52b
3a778bd7076fba09072b9f8dfe49e2d5e8e4e04042841c36b3a4163d25f51e59
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3ef7a0d6d5fe3d76fe5a22cb3c5e526ed99cec30d4b6fe967d2bc40d3f932ae8
40bd7ea6109c0e52f261160b21474ad77b20faf871feaad2cc539c7f140aabe1
48423b721cef80b0f33cd6b9de9f72abf2d3182613c365b6a5ee4cdc273619e3
49d6e676ce5f79498b995ebbf1d6ef4ad3222c87a1b8d5c6495524b1a2b38305
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5089932a425db8912573a4808c785d2881ce9089791752eccd8d5d839c212acf
50c93aa50a0a2dc46b980951a19bf0ffeaea45aa639893f682b6a23e3504ab42
5154fbb7ffb86b837e4e5cd076abdb1d595bdec474336fb65ff9efb139041c36
540a7aaf1e24020989bcf193f0dc300dbbcfd9949a775ddb03808ad1e4520117
54421f5a5ea4179d8132006fbc6c2154a1afc0e4e21f5a4a25d0e2a3e418837a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5859f13966cc071dd0e5793cc9898a3ee689b5f7e2946a90067c8d75e5440ff4
5904f4c6de8f2b7a3912fa215e8486718e0cac1de1832f64b30f3f58c860dfa0
59be0edb3392544b773153f19d80454f48a37bc31c722215a765ef6f5c7db0b2
5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c
5b77cc417edf05d9a80ab1c874d97476dc821f92ae3ae311ea5a56477cc9a590
5c74d26fa05df23036cb8406bc0f4f719d0004fd0fd671304286dee3c68f781e
5fdd06615194a9a10ddc8b928c428e2dbb2b20ed70dfcafe40de89cddaf61f12
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61cbe91dc918aaa6b6d929c4a31f5de2cd5fdc34056fa41b5321faa53d2c5950
6231a111d26346ba5baf244992fb1c699f922388a43d16d338bf5455b913c591
65f1c35c6574b4d557120bce140f7c44ca8a2a1002a3a1ae1e23b070cc90ffeb
6763cceefa8d31d62ac72ff2ac0dfe4ea30215fead28d7afebe5ca01cf1d9221
68d5079784cb170ff863dd8ce87ab5b1562f78604fc6a58e364d79073339e09c
6a3355b94ee20678e7bfc11e1b4973cca33b01f3b6a0a2bbf5d51da9ce012df0
6db1b103f2e3d724f158626e5b026add3531cb24eebcd413c1c89a8708175abd
6eb4a68da342d97e6469040fae3fdffd68466a8aadc32dcdd3090d06cf258d01
7018fb7eeae500da4487b843306c42dde6612ab97c8d48c774179b5345d9fbd8
73c258d94c02c25cd09943f3978123945ee2eaf8d5ab161c9c3438898bc081e7
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7be7f09031359954dc364ea96d191f84641f90b9d2e3f48ffb697968e63a8774
7e200d0551f7d87d4c1a32ba265186be23494477b64a48accbf6198fe6e79956
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
828962d4760d99136fb087ee72570c68dd253243694d8f8bb6cac99cb6523858
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
8905a1891952965fdf7e9e594910f8ef45d6eb97244b23fd42a1abcecfd9f5e1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5153268a53b20f216b5ba8f259dded47660ad9abfb42c05a90a9b2c0b863f5
907be2b89def6c1267c8a7bbd7f4728d298406cdd28d4538d2e63b82e402acbe
94b524da037b37726482611150004e8c576fe55047490bad7203157ccbce42ff
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99002a9ebb53b96a1e59a7b201fede5efd5b950095895aadbe7601959a8a4b4e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6403be855cf28f8fc7eb0ec377f8fe84e4508da830f6a1cffe96040d3c48ec
9c11ea803f2e810739c8409e0ac9d9b46d41948c5062cea99ee4be753f955714
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a26854f297793040b3587a207fbbaac3b61c4b4aaefda33b720e920251896a33
a30afea6d007fc13b0369176489ddd3d2637a88e285a2ae45bc34b0d51f7c553
a447caa7d06cb9ae3e26e76cae688bcb770dba896a07c1c7ff7b5c8d381e29f2
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
a7541bdec83ec7e24ebc9e396e5406c3e8ee9a7b6d4abd25b2d565211d4791df
a7cc6e59d8515b32c8a24943605545663453210ed0f51005e6f259224d4c35a4
a9cfbcea0b8ea97590df063b9624d8546db3782c24dbc4642920cb6e77bbd03f
aaa6cf564cfd93ff3d510800575c9f5412f057d5ad9e7b8dd8ee5eb1710fd508
ac0e834de60cb3e4210b85853319150e0206a13cefc8d95cee0400b9961f2319
ac2a9a77b800b9a4179e95288a1b72e42aa2f414d9aba7162dded3df6f4d2f3e
ac70713c9c7de0205e4abbb76e4a3233630bc6345b1974b45e7ddbf764260644
ad1a118938fac2fa74f44d29a675438e04d293c41d7ddfc35e17bbbc00cc7fa6
ae7d1b91f59eca06cc98a92fe54f92d546d9d250c38403b608c8b6adbed95c0e
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0c187761428d550872c87ddf90f459276c115c4964ec21f9bb2715a75ba63e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17299504515c7c386bcb998229b630d50a4396b70488c6882be348bdf158843
b3dadf84bd14d47f74d4c3f09b51bc14881840c6264235050f333684d092dc43
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd154527e92eb30f54f102a994f19457f6db7b7c5371adc0a9b3549fa37a5567
be57d364140ceea8e174edf06a4fa8bc39d72185d5eb762ecdb08215894c9ac1
bed87ccdb41fe7089a16ff17d62243f74ceff43688d671782f8b593510b181f3
c027ebd1c4192b5327c3194990a711b4081ea32a118e16f0d16a82f731ab3368
c43e2246e974a113da0208bf29f5107ffbc6c72d53f6a47d372e844b1f39f436
c5bddbc9ecdca4a81b76b811b609dd28a7c6a90b6512c970ee3fe177d135d644
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce776e36ca591b5ae2ac1ef88f220a13dff461eb4ec3c2994d789853165effa6
cf2e38998da76eae542f6c8ef8583958e14a70643a25a8d8d829ac02d87fd520
cfb3e26e0bee20b23edfee49e5612266383098273c3d7771a1dacd9b2bf544d1
d0f14805c4f59ff808400de351404874309171b89d378b87de32719d04810b49
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d28193b11378d35a8e3119f7b70401153d2939a50ef3b8ff1402fcdd80c0ff70
d46de924119d6c61f1c8b47daa6c382779574aba8a065932e0d3b4f775167cc9
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d56f55fe30935f8887bb13b137e0b05e73f1e2fc2213c61dcceb0d22c0dd3b15
d5795e14c6ef42e807e4f928011c439e4ce75d2abe1e85e4ed0cded8802f3c24
d717cba240296a1b3b65d0cb186a1c38614ed3f9aafd9de18e7c3c6f0724450a
d775ef7a2096a1c305415446bbe051c47bcc1f76bf2b676acfdeae41483d5d53
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6
d92292ec526d7ef1177fd905e90c1373e1a24fbde8417a3941ce924fb71c0270
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
dd621304dca3b34fd138fdd09d7547384a395afc5d415e0c56cda806d8fcf728
dd6fe0fed6def1b676286a203da5c58d178152d29b73debcf8c8f4ed6e269079
e022ff3e2e5b6db123facbdc48e74beb5189fcd8b0e6fceab2937d49eab46a85
e1051b762fc1360deee59fc01eba5dc0d6255b4cca749682e64adc3a31ab6669
e2af94f1179813bed9fd382a0b23a359da83774374c39133d6b434af30d3f36a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83f3a276dae5cddcfeb27ef577d98a57beae669b1c6284214ee3ed98c0203fd
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
ee0eab7c78914d952b5119684d1aed29aec2707fe7cc1b1bb75771fe87ca68b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe0e476d081283bccd12deb3adf743da1a7b9b05ec96b9cfab3a300c29430069

www.jeff.vn Open in urlscan Pro 16.162.101.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

91 %HTTPS

29 %IPv6

50 Domains

75 Subdomains

68 IPs

7 Countries

2142 kBTransfer

5777 kBSize

83 Cookies

10 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.jeff.vn Open in urlscan Pro
16.162.101.137 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

91 %
HTTPS

29 %
IPv6

50
Domains

75
Subdomains

68
IPs

7
Countries

2142 kB
Transfer

5777 kB
Size

83
Cookies

173 HTTP transactions
1 data transactions