Submitted URL: http://app.eragalaxy.com.vn/link.php?M=739285&N=74&L=32&F=H
Effective URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Submission: On December 02 via manual from AU

Summary

This website contacted 17 IPs in 9 countries across 22 domains to perform 58 HTTP transactions. The main IP is 13.251.251.159, located in Singapore, Singapore and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is saffronjahan.lapa.pub.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2019. Valid for: 3 months.
This is the only time saffronjahan.lapa.pub was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 171.244.34.116 38731 (VTDC-AS-V...)
1 1 52.77.0.178 16509 (AMAZON-02)
2 2 210.245.26.140 18403 (FPT-AS-AP...)
1 52.77.48.212 16509 (AMAZON-02)
1 13.251.251.159 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
9 85.217.188.5 31490 (NETIX-MGM...)
2 23.111.9.35 33438 (HIGHWINDS2)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a04:4e42:3::621 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.76.204.42 16509 (AMAZON-02)
58 17
Domain Requested by
14 fonts.gstatic.com saffronjahan.lapa.pub
embed.tawk.to
9 w.ladicdn.com saffronjahan.lapa.pub
6 fonts.googleapis.com saffronjahan.lapa.pub
embed.tawk.to
4 www.google-analytics.com 2 redirects www.googletagmanager.com
saffronjahan.lapa.pub
3 vs114.tawk.to embed.tawk.to
3 cdn.jsdelivr.net embed.tawk.to
saffronjahan.lapa.pub
3 www.googletagmanager.com saffronjahan.lapa.pub
2 la.ladipage.com w.ladicdn.com
saffronjahan.lapa.pub
2 va.tawk.to embed.tawk.to
2 www.google.de saffronjahan.lapa.pub
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net saffronjahan.lapa.pub
connect.facebook.net
2 use.fontawesome.com saffronjahan.lapa.pub
code.jquery.com
2 go.isclix.com 2 redirects
1 tawk.link saffronjahan.lapa.pub
1 embed.tawk.to click.accesstrade.vn
1 www.facebook.com saffronjahan.lapa.pub
1 staticxx.facebook.com connect.facebook.net
1 code.jquery.com www.googletagmanager.com
1 www.e-mailit.com saffronjahan.lapa.pub
1 saffronjahan.lapa.pub
1 click.accesstrade.vn
1 shorten.asia 1 redirects
1 app.eragalaxy.com.vn 1 redirects
58 25

This site contains links to these domains.

Domain
saffron.vn

Subject | Issuer | Validity | Valid
*.accesstrade.vn | AlphaSSL CA - SHA256 - G2 | 2018-05-07 - 2020-05-21 | 2 years
saffronjahan.lapa.pub | Let's Encrypt Authority X3 | 2019-12-01 - 2020-02-29 | 3 months
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
w.ladicdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-05-31 - 2021-05-29 | 2 years
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-11-06 - 2020-02-04 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
sni197345.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-14 - 2020-03-22 | 6 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
ssl902639.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-15 - 2020-05-23 | 6 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-19 - 2020-10-09 | a year
la.ladipage.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-26 - 2021-06-25 | 2 years

This page contains 7 frames:

Primary Page: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Frame ID: 8394D356E2475BE250DEA89AA59B3CD3
Requests: 46 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: CC49976AC81FE0C2C176EE8EA7A25976
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 9E98FB8DB65FB713E41EBB33C2A76148
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 84415B84EEBB55C0ABC42D9B3610E1B5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: E05669AD06B54D33AB80E3A271EFA77D
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 4F0694EE8237F842A0787C5D5D975E27
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: E05432399487916D842BBAF4B0A45C81
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

58 Requests
100 % HTTPS
64 % IPv6
22 Domains
25 Subdomains
17 IPs
9 Countries
1221 kB Transfer
2460 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.eragalaxy.com.vn/link.php?M=739285&N=74&L=32&F=H HTTP 302
    https://shorten.asia/R4N5pqJ1 HTTP 302
    https://go.isclix.com/deep_link/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F HTTP 302
    http://go.isclix.com/deep_link/v2/506/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F HTTP 302
    https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7 Page URL
  2. https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://app.eragalaxy.com.vn/link.php?M=739285&N=74&L=32&F=H HTTP 302
  • https://shorten.asia/R4N5pqJ1 HTTP 302
  • https://go.isclix.com/deep_link/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F HTTP 302
  • http://go.isclix.com/deep_link/v2/506/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F HTTP 302
  • https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7
Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1262265441&t=pageview&_s=1&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&dr=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&ul=en-us&de=UTF-8&dt=Black%20Friday%20-%20Saffron%20VIETNAM&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=2043970244&gjid=736629298&cid=560202770.1575245300&tid=UA-122997007-1&_gid=1519342180.1575245300&_r=1&gtm=2ouav9&z=1207894485 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_gid=1519342180.1575245300&gjid=736629298&_v=j79&z=1207894485 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485&slf_rd=1&random=2621981198
Request Chain 56
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1262265441&t=event&ni=1&_s=3&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&dr=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&ul=en-us&de=UTF-8&dt=Black%20Friday%20-%20Saffron%20VIETNAM&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=LadiPageTimeOnPage&ea=TimeOnPage_10_seconds&el=saffronjahan.lapa.pub%2F&_u=KEBAAUAB~&jid=757633346&gjid=919312173&cid=560202770.1575245300&tid=UA-122997007-1&_gid=1519342180.1575245300&_r=1&gtm=2ouav9&z=1585513230 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_gid=1519342180.1575245300&gjid=919312173&_v=j79&z=1585513230 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230&slf_rd=1&random=3738559214

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set adv.php
click.accesstrade.vn/
Redirect Chain
  • http://app.eragalaxy.com.vn/link.php?M=739285&N=74&L=32&F=H
  • https://shorten.asia/R4N5pqJ1
  • https://go.isclix.com/deep_link/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F
  • http://go.isclix.com/deep_link/v2/506/4672917609409185231?url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F
  • https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC3...
320 B
656 B
Document
General
Full URL
https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.48.212 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-77-48-212.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.26
Resource Hash

Request headers

Host
click.accesstrade.vn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 02 Dec 2019 00:08:19 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
Apache/2.4.7 (Ubuntu)
Set-Cookie
v1=f79052ee935e40efc4fac923d379624d; expires=Thu, 26-Nov-2020 00:08:19 GMT; Max-Age=31104000; path=/; domain=accesstrade.vn
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Content-Length
202
Connection
keep-alive

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Mon, 02 Dec 2019 00:08:18 GMT
Content-Type
text/html; charset=utf-8
Content-Length
727
Connection
keep-alive
Location
https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7
AT_UNIQUE_ID
lC38i_HSWYXbjlB_XbeIXqnxat
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
Primary Request /
saffronjahan.lapa.pub/
170 KB
26 KB
Document
General
Full URL
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.251.159 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3514354e383ea094762977b178d3823850461fc23eeed457a0f2566deb168904

Request headers

:method
GET
:authority
saffronjahan.lapa.pub
:scheme
https
:path
/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Mon, 02 Dec 2019 00:08:19 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/
10 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
4c47b6e716595a8d6e5dd2f8e277cd3d928f1fa82dd32104dd066ea8f6b19c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
ladipage.min.js
w.ladicdn.com/v2/source/
92 KB
92 KB
Script
General
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1574848888714
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
8b64d3b1c632d19e5166b292a7e9065129315eb371fa601b7019d9a9bc8bec00

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 28 Nov 2020 10:41:36 GMT
all.css
use.fontawesome.com/releases/v5.8.2/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:11 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
sdk.js
connect.facebook.net/vi_VN/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
dacbb93fdb4065e14e1e52ff93df628f130d5db557e42222f27e71d3b86e524b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
o21gIgHbE2+ioqCiPhag9w==
status
200
date
Mon, 02 Dec 2019 00:08:20 GMT
expires
Mon, 02 Dec 2019 00:20:04 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1777
x-fb-debug
LlZC44E7QV+9M2vVWXxT0rq4xLOjvUDbUJ48KMI9P+rTqFX4SGaZNUD+NvQ67kYDJNs8c+1H93HwjBiTssneag==
x-fb-trip-id
420120009
x-fb-content-md5
18cf67ce2effca529b12fd4271b2458c
etag
"751e2a68f1b000da023c6b10e0ec785d"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122997007-1
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff1940bcaa63336abb393f57c1bcc1eaad14a2200ecf6d9e53385eb881fc8cb0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27666
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
gtm.js
www.googletagmanager.com/
54 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGHB7VH
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82f5903c68786f03ae731fcea8aca570a364c8b3464e22b52b63dddb20917224
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20494
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
ladipage.min.css
w.ladicdn.com/v2/source/
59 KB
59 KB
Stylesheet
General
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1574848888714
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
d5b12ba320d79744057a337087cb9fb09cec08a78576936f0c69bb44132823e0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 Nov 2020 01:46:27 GMT
zalo-icon.png
www.e-mailit.com/social-buttons/build/images/solutions/
13 KB
13 KB
Image
General
Full URL
https://www.e-mailit.com/social-buttons/build/images/solutions/zalo-icon.png
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a82a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe15edb3e9bb868220b33ad7abab78058d644e43e26abc8a9321415b26e1e793

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Dec 2018 03:07:30 GMT
server
cloudflare
age
48
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
53e910d54bf15940-VIE
content-length
13154
expires
Mon, 09 Dec 2019 00:07:31 GMT
sdk.js
connect.facebook.net/vi_VN/
194 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=ed8e595e3d058b3a637ccb6e00fe3f95&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3b1b5a0b9e82052c4f876e48d48549b472d8ef86f1b347931f8fcbe7997197cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xyse7spxPDviMQHvNouyfA==
status
200
date
Mon, 02 Dec 2019 00:08:20 GMT
expires
Tue, 01 Dec 2020 00:01:25 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
59489
x-fb-debug
dSRMC7exfYGXELoo9Yb0VtteiJyCpcyfd6tkT0ftzib9jLAnF7sp982ZtGtZsT5nVW1qeJNU7DlhukreYPjqUA==
x-fb-trip-id
420120009
x-fb-content-md5
042eff609f55885bfb096028fe7c0fca
etag
"3796f5d077825968a864fb89d4361a41"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122997007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5683
date
Sun, 01 Dec 2019 22:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 02 Dec 2019 00:33:37 GMT
gtm.js
www.googletagmanager.com/
69 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGSH5DM
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4ca26bcb7504e6fe42043d9e3e698aa6903fe27f9d01145dbd51c55a8456c66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24474
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
b5.png
w.ladicdn.com/v2/source/masks/
9 KB
9 KB
Image
General
Full URL
https://w.ladicdn.com/v2/source/masks/b5.png
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
bf0a1b46699f370dcc64c43748ff4af4642c210fd9854948e8120f09669e2478

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 28 Nov 2020 07:41:30 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
888893
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:27 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 07:12:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
924948
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Fri, 20 Nov 2020 07:12:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 18:56:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
969088
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Thu, 19 Nov 2020 18:56:52 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
894719
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 18:54:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:53 GMT
server
sffe
age
969237
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7292
x-xss-protection
0
expires
Thu, 19 Nov 2020 18:54:23 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 19:13:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:50 GMT
server
sffe
age
968072
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7208
x-xss-protection
0
expires
Thu, 19 Nov 2020 19:13:48 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 19:03:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
968661
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Thu, 19 Nov 2020 19:03:59 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 17:16:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
888725
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8024
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:16:15 GMT
saffron-vietnam-black-friday-20191125092251.jpg
w.ladicdn.com/s1750x950/5bec3902f6d85b4f1259b5a4/
306 KB
302 KB
Image
General
Full URL
https://w.ladicdn.com/s1750x950/5bec3902f6d85b4f1259b5a4/saffron-vietnam-black-friday-20191125092251.jpg
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
0b7c00a44d93feab8a540e4b0e066be42babdb1e35c9f05b511a3b022933df8a

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Wed, 25 Nov 2020 02:22:43 GMT
salam-1gr-black-friday-350-20191128015055.jpg
w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/
29 KB
29 KB
Image
General
Full URL
https://w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/salam-1gr-black-friday-350-20191128015055.jpg
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
f9f739d98a288413462e77a21499f9c04762134628537076804ee48d4782687a

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:21 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 Nov 2020 02:35:32 GMT
shyam-black-friday-350-20191128015242.jpg
w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/
30 KB
30 KB
Image
General
Full URL
https://w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/shyam-black-friday-350-20191128015242.jpg
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
40b8ff088da2c5ebda44374dd7429ba795b57e5760356e4d81ab41fab158c215

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 Nov 2020 02:35:32 GMT
jahan-black-friday-350-20191128015326.jpg
w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/
29 KB
28 KB
Image
General
Full URL
https://w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/jahan-black-friday-350-20191128015326.jpg
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
78678590e73693b3afcf4af4d1f207e9588ce1891b9096307737201bc30b4520

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 Nov 2020 03:10:38 GMT
edman-black-friday-350-20191128015442.jpg
w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/
33 KB
33 KB
Image
General
Full URL
https://w.ladicdn.com/s550x600/5bec3902f6d85b4f1259b5a4/edman-black-friday-350-20191128015442.jpg
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
89655f356adf2bc7872cb6365aadd006d5738810cd35a5c99fc2aca3d0562ccc

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 Nov 2020 02:35:32 GMT
banner-web-160x600-20191127020355.png
w.ladicdn.com/s500x950/5bec3902f6d85b4f1259b5a4/
33 KB
33 KB
Image
General
Full URL
https://w.ladicdn.com/s500x950/5bec3902f6d85b4f1259b5a4/banner-web-160x600-20191127020355.png
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.217.188.5 , Bulgaria, ASN31490 (NETIX-MGMT-AS, BG),
Reverse DNS
c98f0e6.helph.info
Software
nginx /
Resource Hash
69b5bd1908b5837ee6741f70b1d0038646e10cd50ef9ebf256de9349cb8426c6

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
status
200
access-control-max-age
2592000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Thu, 26 Nov 2020 02:19:18 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/
3 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
074ac4556c0b06d0fb73bbd04909faccc1f60f28b2a873d34bdb0efa6b740800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 18:54:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
969247
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3520
x-xss-protection
0
expires
Thu, 19 Nov 2020 18:54:13 GMT
mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/
3 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f47e5856ad7cbe9d872ce57b054a281f0410e101be9fee17cfc149620ba95878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 17:54:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:06 GMT
server
sffe
age
886429
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3580
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:54:31 GMT
KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Wed, 20 Nov 2019 19:14:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
968031
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3352
x-xss-protection
0
expires
Thu, 19 Nov 2020 19:14:29 GMT
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 04:05:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
936172
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3384
x-xss-protection
0
expires
Fri, 20 Nov 2020 04:05:28 GMT
jquery-1.11.3.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGHB7VH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Dec 2019 00:08:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2015 16:20:58 GMT
Server
nginx
ETag
W/"553fb36a-176d5"
Vary
Accept-Encoding
X-HW
1575245300.dop006.fr8.shc,1575245300.dop006.fr8.t,1575245300.cds127.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33261
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1262265441&t=pageview&_s=1&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&dr=https%3A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_gid=1519342180.1575245300&gjid=736629298&_v=j79&z=1207894485
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485&slf_rd=1&random=2621981198
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485&slf_rd=1&random=2621981198
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 00:08:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Dec 2019 00:08:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=2043970244&_v=j79&z=1207894485&slf_rd=1&random=2621981198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame CC49
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=ed8e595e3d058b3a637ccb6e00fe3f95&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sun, 22 Nov 2020 11:07:04 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
taBY1K9Jh2ebUv1PI9EXaeLIiIj3wbhZbZMmzLWsERPIjpBLj0w/yIjDnrCy1Mfy4+VyQPt5kLjaVDMaLfKe+g==
content-length
12357
x-fb-trip-id
420120009
date
Mon, 02 Dec 2019 00:08:20 GMT
alt-svc
h3-23=":443"; ma=3600
/
www.facebook.com/tr/
44 B
347 B
Image
General
Full URL
https://www.facebook.com/tr/?id=414884212548798&ev=fb_page_view&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&rl=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&if=false&ts=1575245300141&sw=1600&sh=1200
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 02 Dec 2019 00:08:20 GMT
default
embed.tawk.to/5ce4ff792846b90c57afcbae/
539 KB
116 KB
Script
General
Full URL
https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Requested by
Host: click.accesstrade.vn
URL: https://click.accesstrade.vn/adv.php?real_ip=93.190.140.32&at_source=deep_link&utm_tool=deeplink&url=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D%7Bclickid%7D&redirect_302=1&at_unique_id=lC38i_HSWYXbjlB_XbeIXqnxat&rk=0006yc0011f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfac40c2581005bf0b89f74cd85e6116a2d597563c606e2a49531d3438e81d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
48
etag
W/"fulls68028"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
53e910d63cea59a0-VIE
access-control-allow-origin
*
css
fonts.googleapis.com/ Frame 9E98
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
css
fonts.googleapis.com/ Frame 8441
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
css
fonts.googleapis.com/ Frame E056
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
css
fonts.googleapis.com/ Frame 4F06
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
css
fonts.googleapis.com/ Frame E054
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 02 Dec 2019 00:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 02 Dec 2019 00:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 02 Dec 2019 00:08:20 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame E054
192 B
268 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Mon, 02 Dec 2019 00:08:20 GMT
content-length
152
x-served-by
cache-ams21037-AMS, cache-fra19154-FRA
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame E054
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Mon, 02 Dec 2019 00:08:20 GMT
content-length
53890
x-served-by
cache-ams21033-AMS, cache-fra19154-FRA
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
b4109fc2f50426e5bb09f2c3689b2397d732379f
tawk.link/5ce4ff792846b90c57afcbae/var/chat_bubble/ Frame 4F06
18 KB
19 KB
Image
General
Full URL
https://tawk.link/5ce4ff792846b90c57afcbae/var/chat_bubble/b4109fc2f50426e5bb09f2c3689b2397d732379f
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e9e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b7b9f5135f3a269e5de29dfb8ad3c10e791f7e3fe3d9280b2fc218c8385dc7ef

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
cf-cache-status
HIT
server
cloudflare
age
47
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
max-age=86400
cf-ray
53e910d6fdfbcb98-VIE
1575245300282
va.tawk.to/register/
697 B
1 KB
XHR
General
Full URL
https://va.tawk.to/register/1575245300282
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b16d38a8c820b7652acb184801a6486d87c2a4f24f1d8b604c2f8f3d981b30d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-nm3m
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://saffronjahan.lapa.pub
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
53e910d6faae59c4-VIE
access-control-allow-headers
origin, content-type
check
la.ladipage.com/2.0/domain/
4 B
558 B
XHR
General
Full URL
https://la.ladipage.com/2.0/domain/check
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1574848888714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.204.42 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-76-204-42.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9aee6b1bcdf617d8e39bb1f2b624c68ea33deb9d48e0364aeaded836d3d00293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
https://saffronjahan.lapa.pub
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
x-content-type-options
nosniff
status
200
content-length
4
x-xss-protection
1; mode=block
allow
POST
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
x-download-options
noopen
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1262265441&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&dr=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&ul=en-us&de=UTF-8&dt=Black%20Friday%20-%20Saffron%20VIETNAM&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=LadiPageScrollDepth&ea=ScrollDepth_50_percent&el=saffronjahan.lapa.pub%2F&_u=KEBAAUAB~&jid=&gjid=&cid=560202770.1575245300&tid=UA-122997007-1&_gid=1519342180.1575245300&gtm=2ouav9&z=734897986
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 23:44:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
951802
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:20 GMT
last-modified
Tue, 07 May 2019 16:51:05 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"64b3e814a66c2719b15abf8f7998bd73"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74328
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame E056
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
895809
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:18:11 GMT
S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v16/ Frame E056
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://saffronjahan.lapa.pub

Response headers

date
Thu, 21 Nov 2019 17:22:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:44 GMT
server
sffe
age
888361
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2888
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:22:19 GMT
/
vs114.tawk.to/s/
101 B
200 B
XHR
General
Full URL
https://vs114.tawk.to/s/?k=5de455f4ff871f49d897bc8d&u=OVUvv41cKAbolB%2FZG%2BLHk7uLMjUb6FO8G5O2nSpbLqXjcPMJyoqGjcMZGv%2BYF%2FcN&uv=2&a=5ce4ff792846b90c57afcbae&cver=0&pop=false&w=2lLD93&jv=680&asver=2864&ust=false&p=Black%20Friday%20-%20Saffron%20VIETNAM&r=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&EIO=3&transport=polling&__t=Mx3xyEG
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b17f10d691bd5a79506fe83b256502bbfbbcfa7a7cde5b8cb3229eded87764
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://saffronjahan.lapa.pub
access-control-allow-credentials
true
cf-ray
53e910d90b6959c4-VIE
content-length
101
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame E054
413 B
538 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
image/png
status
200
access-control-expose-headers
*
cache-control
public, max-age=31536000
date
Mon, 02 Dec 2019 00:08:20 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
413
x-served-by
cache-ams21051-AMS, cache-fra19154-FRA
check
la.ladipage.com/2.0/domain/
41 B
544 B
XHR
General
Full URL
https://la.ladipage.com/2.0/domain/check
Requested by
Host: saffronjahan.lapa.pub
URL: https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.204.42 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-76-204-42.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5d3b2452767fe8dfb790b38c0249af373528ca83562c4ed3732542ce234d4c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Dec 2019 00:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-ratelimit-remaining
499
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-ratelimit-reset
1575245302
x-ratelimit-limit
500
x-robots-tag
noindex, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
/
vs114.tawk.to/s/
786 B
846 B
XHR
General
Full URL
https://vs114.tawk.to/s/?k=5de455f4ff871f49d897bc8d&u=OVUvv41cKAbolB%2FZG%2BLHk7uLMjUb6FO8G5O2nSpbLqXjcPMJyoqGjcMZGv%2BYF%2FcN&uv=2&a=5ce4ff792846b90c57afcbae&cver=0&pop=false&w=2lLD93&jv=680&asver=2864&ust=false&p=Black%20Friday%20-%20Saffron%20VIETNAM&r=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&EIO=3&transport=polling&__t=Mx3xyMc.0&sid=eiKaMwlr5OS-YDUFcl7R
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88bf78ca827b2f23e10b41df8df2ec899ed6de954a551f9cab9b804f7d6678b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://saffronjahan.lapa.pub
access-control-allow-credentials
true
cf-ray
53e910dc4cb459c4-VIE
content-length
786
v3
va.tawk.to/log-performance/
5 B
207 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 02 Dec 2019 00:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-s52v
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://saffronjahan.lapa.pub
access-control-allow-credentials
true
cf-ray
53e910df6de559c4-VIE
access-control-allow-headers
origin, content-type
/
vs114.tawk.to/s/
4 B
86 B
XHR
General
Full URL
https://vs114.tawk.to/s/?k=5de455f4ff871f49d897bc8d&u=OVUvv41cKAbolB%2FZG%2BLHk7uLMjUb6FO8G5O2nSpbLqXjcPMJyoqGjcMZGv%2BYF%2FcN&uv=2&a=5ce4ff792846b90c57afcbae&cver=0&pop=false&w=2lLD93&jv=680&asver=2864&ust=false&p=Black%20Friday%20-%20Saffron%20VIETNAM&r=https%3A%2F%2Fclick.accesstrade.vn%2Fadv.php%3Freal_ip%3D93.190.140.32%26at_source%3Ddeep_link%26utm_tool%3Ddeeplink%26url%3Dhttps%253A%252F%252Fsaffronjahan.lapa.pub%252F%253Faff_sid%253D%257Bclickid%257D%26redirect_302%3D1%26at_unique_id%3DlC38i_HSWYXbjlB_XbeIXqnxat%26rk%3D0006yc0011f7&EIO=3&transport=polling&__t=Mx3xyUP&sid=eiKaMwlr5OS-YDUFcl7R
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ce4ff792846b90c57afcbae/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
Origin
https://saffronjahan.lapa.pub

Response headers

date
Mon, 02 Dec 2019 00:08:22 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://saffronjahan.lapa.pub
access-control-allow-credentials
true
cf-ray
53e910df6de859c4-VIE
content-length
4
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1262265441&t=event&ni=1&_s=3&dl=https%3A%2F%2Fsaffronjahan.lapa.pub%2F%3Faff_sid%3D3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S&dr=https%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_gid=1519342180.1575245300&gjid=919312173&_v=j79&z=1585513230
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230&slf_rd=1&random=3738559214
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230&slf_rd=1&random=3738559214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saffronjahan.lapa.pub/?aff_sid=3X6sBqXBKr5wtS6017r0NQhgBNn356R7bNGfOZmRsQfa763S
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Dec 2019 00:08:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Dec 2019 00:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122997007-1&cid=560202770.1575245300&jid=757633346&_v=j79&z=1585513230&slf_rd=1&random=3738559214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| ladi_viewport
boolean| ladi_is_desktop
function| gtm
object| dataLayer
object| FB
object| google_tag_manager
function| gtag
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| Tawk_API
object| Tawk_LoadStart
function| dataLayerPush
function| $
function| jQuery
boolean| clickable
object| AT
function| validateform
function| at_setCookie
string| cookie_domain
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
boolean| $_Tawk_Unstable
object| $_Tawk
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| $_Tawk_LoadStart
function| TawkClass
object| Inheritance_Manager
string| messagePreviewRadius
string| bottomBorderRadius
string| topBorderRadius
number| minWidth
number| minHeight
string| bodyClassName
function| LadiPageScriptV2
object| Base64
object| LadiPageScript
function| lightbox_run
function| lightbox_iframe
function| lightbox_image
function| lightbox_video
function| LadiPageLibraryV2
function| LadiPageAppV2
function| ladi
object| LadiPageApp

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
