thachgiamcan.jellyslim.clix9.com Open in urlscan Pro
54.169.219.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Submission: On July 19 via api (July 19th 2021, 2:10:22 am UTC) from SG

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 40 HTTP transactions. The main IP is 54.169.219.94, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is thachgiamcan.jellyslim.clix9.com.
TLS certificate: Issued by R3 on June 2nd 2021. Valid for: 3 months.

This is the only time thachgiamcan.jellyslim.clix9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.169.219.94 54.169.219.94	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6812:d44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.254.219.240 54.254.219.240	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	52.74.211.60 52.74.211.60	16509 (AMAZON-02) (AMAZON-02)
1	13.224.99.100 13.224.99.100	16509 (AMAZON-02) (AMAZON-02)
2	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.99.19 13.224.99.19	16509 (AMAZON-02) (AMAZON-02)
1	13.224.99.30 13.224.99.30	16509 (AMAZON-02) (AMAZON-02)
1	157.230.253.19 157.230.253.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
40	13

1 54.169.219.94 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-219-94.ap-southeast-1.compute.amazonaws.com

thachgiamcan.jellyslim.clix9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:d44 (United States)

ASN13335 (CLOUDFLARENET, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.254.219.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-219-240.ap-southeast-1.compute.amazonaws.com

service-api.accesstrade.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.211.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-100.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-19.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-30.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.230.253.19 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

api.trackpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ladicdn.com w.ladicdn.com	402 KB
9	gstatic.com fonts.gstatic.com	107 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	70 KB
2	mgid.com a.mgid.com	4 KB
2	ladipage.com a.ladipage.com	560 B
2	googletagmanager.com www.googletagmanager.com	77 KB
1	trackpush.com api.trackpush.com	27 KB
1	accesstrade.vn service-api.accesstrade.vn	4 KB
1	googleapis.com fonts.googleapis.com	873 B
1	clix9.com thachgiamcan.jellyslim.clix9.com	25 KB
40	11

	Domain	Requested by
15	w.ladicdn.com	thachgiamcan.jellyslim.clix9.com
9	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.mgid.com	thachgiamcan.jellyslim.clix9.com
2	a.ladipage.com	w.ladicdn.com
2	www.googletagmanager.com	thachgiamcan.jellyslim.clix9.com www.googletagmanager.com
1	api.trackpush.com	thachgiamcan.jellyslim.clix9.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	thachgiamcan.jellyslim.clix9.com
1	service-api.accesstrade.vn	thachgiamcan.jellyslim.clix9.com
1	fonts.googleapis.com	thachgiamcan.jellyslim.clix9.com
1	thachgiamcan.jellyslim.clix9.com
40	13

This site contains no links.

Subject Issuer	Validity	Valid
thachgiamcan.jellyslim.clix9.com R3	`2021-06-02` - `2021-08-31`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ladicdn.com Cloudflare Inc ECC CA-3	`2021-06-12` - `2022-06-11`	a year	crt.sh
*.accesstrade.vn RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-12` - `2022-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
a.ladipage.com Amazon	`2021-07-17` - `2022-08-15`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.trackpush.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Frame ID: 5D440646885C129EE3E9B256F2C2B822
Requests: 38 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 5587BB5C371B02505A7B8DD8F077716C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

40
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

737 kB
Transfer

1625 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thachgiamcan.jellyslim.clix9.com/ 152 KB
25 KB 498ms
167ms Document
text/html 54.169.219.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.219.94 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-219-94.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 3ff21adfd4a6203a388757c01b37078db62f075a65c518a933c9a32e42eccf74

Request headers

:method: GET
:authority: thachgiamcan.jellyslim.clix9.com
:scheme: https
:path: /?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: openresty
date: Mon, 19 Jul 2021 02:10:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie: LADI_CLIENT_ID=74a01ada-f32f-431b-51e0-1c039a91738b; Expires=Thu, 17 Jul 2031 02:10:04 GMT LADI_PAGE_VIEW=0; Expires=Thu, 17 Jul 2031 02:10:04 GMT LADI_FORM_SUBMIT=0; Expires=Thu, 17 Jul 2031 02:10:04 GMT LADI_PAGE_VIEW=1; Expires=Thu, 17 Jul 2031 02:10:04 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode: 200
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 8 KB
873 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Requested by

Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8046faa2cab1569d3c5cfb938354464157c96ae997004c98ecf70e0336931ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 02:10:04 GMT
server: ESF
date: Mon, 19 Jul 2021 02:10:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Jul 2021 02:10:04 GMT

GET
H2 200 ladipage.min.js Show response
w.ladicdn.com/v2/source/ 208 KB
50 KB 54ms
31ms Script
text/javascript 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1601977715702
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25bddfccb712ac59453ef83082a4c0cbda298d17c7f2b60834e8da00e7baf029

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 980889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67106948d81ec2d1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 ladipage.min.css
w.ladicdn.com/v2/source/ 65 KB
7 KB 32ms
22ms Stylesheet
text/css 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1601977715702
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 980888
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67106949bebe4de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H2 200 d2c.js Show response
service-api.accesstrade.vn/js/v2/ 15 KB
4 KB 503ms
168ms Script
application/x-javascript 54.254.219.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-api.accesstrade.vn/js/v2/d2c.js
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.254.219.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-254-219-240.ap-southeast-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 10:55:49 GMT
server: LiteSpeed
etag: "3ba4-60c09e35-bda90;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3671
expires: Mon, 26 Jul 2021 02:10:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
38 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7WXPN8

Requested by

Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16fe07fb4f001a778935a578712ce10dd57f94415d266eb38ab14b858fc4074d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38777
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jul 2021 02:10:04 GMT

GET
H3-29 200 model-s3-backup-20200924031206.png
w.ladicdn.com/s900x950/5984502d80f158a109332cc6/ 60 KB
60 KB 20ms
17ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s900x950/5984502d80f158a109332cc6/model-s3-backup-20200924031206.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94afaab118a3337b8392f05efd235d9f456534e37bd6c68d9afdb98bf124301c

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=png, origSize=68042
content-disposition: inline; filename="model-s3-backup-20200924031206.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67106949bec24de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 ladi-icons.svg
w.ladicdn.com/v2/source/ 800 B
807 B 17ms
17ms Image
image/svg+xml 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/v2/source/ladi-icons.svg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10194664
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67106949bec34de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 483003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:00:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 546220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:26:24 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 16 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f1346ce484527395e2ff61386de858f45b8bb75298fa052b092cb6608393b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:45:32 GMT
x-content-type-options: nosniff
age: 548672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16872
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 17:45:32 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:33:43 GMT
x-content-type-options: nosniff
age: 473781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:33:43 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 17:10:55 GMT
x-content-type-options: nosniff
age: 464349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:10:55 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:01:00 GMT
x-content-type-options: nosniff
age: 475744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:01:00 GMT

GET
H3-29 200 jelly-slim_01-20200924033437.jpg
w.ladicdn.com/s1440x1072/5984502d80f158a109332cc6/ 39 KB
40 KB 21ms
20ms Image
image/jpeg 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x1072/5984502d80f158a109332cc6/jelly-slim_01-20200924033437.jpg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12a15af55b1dabb41d293f742b60184a136559c92f719c4fdcde4f3fdb891d2

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 101242
cf-polished: origSize=43434, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f734de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 logo-20200924031058.png
w.ladicdn.com/s900x450/5984502d80f158a109332cc6/ 17 KB
17 KB 15ms
14ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s900x450/5984502d80f158a109332cc6/logo-20200924031058.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75af8a98c47e0dc1bb2fc9b94910cb3e6dcac1882a4d88dc297f728bfe4b8c3

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101242
cf-polished: origFmt=png, origSize=17926
content-disposition: inline; filename="logo-20200924031058.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f764de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 bg-text-1-20200924031053.png
w.ladicdn.com/s650x550/5984502d80f158a109332cc6/ 2 KB
2 KB 21ms
20ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s650x550/5984502d80f158a109332cc6/bg-text-1-20200924031053.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e0a1efd60ac5219ea7525982478a19fbc36ece93ca50579779919d5ecbef6a7

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101242
cf-polished: origFmt=png, origSize=2014
content-disposition: inline; filename="bg-text-1-20200924031053.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f784de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 bg-text-2-20200924031058.png
w.ladicdn.com/s700x500/5984502d80f158a109332cc6/ 1 KB
2 KB 22ms
21ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s700x500/5984502d80f158a109332cc6/bg-text-2-20200924031058.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bcb14980360f47185294e85e3fda67e64cf45fad41ec646f248b713add2693f

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101242
cf-polished: origFmt=png, origSize=1993
content-disposition: inline; filename="bg-text-2-20200924031058.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f794de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 btn-20200924035952.png
w.ladicdn.com/s309x69/5984502d80f158a109332cc6/ 3 KB
4 KB 15ms
14ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s309x69/5984502d80f158a109332cc6/btn-20200924035952.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592ebc9f916a1a9c0e8ca0a47bb16331971b10fe188f8ee2be8bcf58160138f8

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=png, origSize=5531
content-disposition: inline; filename="btn-20200924035952.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f7a4de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 sp1-20200924033039.png
w.ladicdn.com/s1150x750/5984502d80f158a109332cc6/ 115 KB
116 KB 22ms
21ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1150x750/5984502d80f158a109332cc6/sp1-20200924033039.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e280b8d9e51ec89068b43a6939ce555b6271db14774adeef00f62d44cb396b59

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101242
cf-polished: origFmt=png, origSize=127678
content-disposition: inline; filename="sp1-20200924033039.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f7b4de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 sub1-s2-20200924031217.jpg
w.ladicdn.com/s550x500/5984502d80f158a109332cc6/ 12 KB
12 KB 28ms
26ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x500/5984502d80f158a109332cc6/sub1-s2-20200924031217.jpg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3485a1fe9184028f0dfc5f7e4d9283c414290024eab5407046abe0e8e1a9606

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 3477
cf-polished: origFmt=jpeg, origSize=12123
content-disposition: inline; filename="sub1-s2-20200924031217.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f7c4de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 sub2-s2-20200924031232.jpg
w.ladicdn.com/s550x500/5984502d80f158a109332cc6/ 11 KB
11 KB 27ms
27ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x500/5984502d80f158a109332cc6/sub2-s2-20200924031232.jpg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ccc66f126483ebcacd89692e94dd0c29a4a5244dcee369a57fd32c43c054c4e

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=jpeg, origSize=11643
content-disposition: inline; filename="sub2-s2-20200924031232.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f7e4de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 sub3-s2-20200924031232.jpg
w.ladicdn.com/s550x500/5984502d80f158a109332cc6/ 8 KB
9 KB 27ms
27ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x500/5984502d80f158a109332cc6/sub3-s2-20200924031232.jpg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa60b8d84e01c88d16a26fc21daccb4b4abd68dbf217ac736886699ce1fdb2b

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=jpeg, origSize=9434
content-disposition: inline; filename="sub3-s2-20200924031232.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f804de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 sub4-s2-20200924041015.jpg
w.ladicdn.com/s550x550/5984502d80f158a109332cc6/ 15 KB
16 KB 15ms
14ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x550/5984502d80f158a109332cc6/sub4-s2-20200924041015.jpg
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ea082ad6a0f22b18571ffb65e7038a8a8d1b8f91e0c2da1289b84388d095c8

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=jpeg, origSize=23680
content-disposition: inline; filename="sub4-s2-20200924041015.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f814de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 model1-s2-20200924031059.png
w.ladicdn.com/s750x1000/5984502d80f158a109332cc6/ 55 KB
56 KB 15ms
15ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x1000/5984502d80f158a109332cc6/model1-s2-20200924031059.png
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf288e75639dc2c0edc63046bf6ae3dce67595423f8940f89689685fcd8c680

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
vary: Accept
cf-cache-status: HIT
age: 101241
cf-polished: origFmt=png, origSize=61682
content-disposition: inline; filename="model1-s2-20200924031059.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6710694a2f824de2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Tue, 19 Jul 2022 02:10:04 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 11:42:12 GMT
x-content-type-options: nosniff
age: 484072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5524
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 11:42:12 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 21:52:56 GMT
x-content-type-options: nosniff
age: 533828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 21:52:56 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 7 KB
7 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f577e38d7d518722295fa21ff313d950c77f2e096ec0cc0bbbf226f7fca1d1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thachgiamcan.jellyslim.clix9.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:59:19 GMT
x-content-type-options: nosniff
age: 522645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6680
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 00:59:19 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 495ms
165ms Preflight
application/json 52.74.211.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Server

52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin: https://thachgiamcan.jellyslim.clix9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip

POST
H2 200 event Show response
a.ladipage.com/ 34 B
560 B 168ms
168ms XHR
text/plain 52.74.211.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1601977715702

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 74a01ada-f32f-431b-51e0-1c039a91738b
LADI_PAGE_VIEW_DAILY: 0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY: 0
LADI_CAMP_PAGE_VIEW_DAILY: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
LADI_FORM_SUBMIT: 0
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://thachgiamcan.jellyslim.clix9.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1

Response headers

date: Mon, 19 Jul 2021 02:10:05 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 hotjar-1022761.js Show response
static.hotjar.com/c/ 150 KB
10 KB 81ms
47ms Script
application/javascript 13.224.99.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1022761.js?sv=6

Requested by

Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-100.zrh50.r.cloudfront.net

Software

Resource Hash

c4c0f622ceb5f3dfec3980991728677eaa774dd1eb4c180c4a7d6369d44d584e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/838e2f4ddd9363859c9d54a81a230508
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: TNCnpw-mugU8G4tX6AU6tx127CKBfoPBiuMbzGleg-uZt1lD8ZRWOg==
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129270319-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7WXPN8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

040bde16d6e560d8d492c74a024bb962497f4514c2e54ba6bb15ccdd28f48325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39674
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jul 2021 02:10:04 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 12 KB
4 KB 175ms
139ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1626660604612
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 02:10:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 77f2dbd3-b4f1-408e-aff3-66464d548b2c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6710694b19623b13-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129270319-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4745
date: Mon, 19 Jul 2021 00:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 19 Jul 2021 02:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 25ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=809896775&t=pageview&_s=1&dl=https%3A%2F%2Fthachgiamcan.jellyslim.clix9.com%2F%3Fclick_id%3Dae1bfa3c79c6474591e17863dd5d3410%26aff_network%3DSF&ul=en-us&de=UTF-8&dt=jellyslim-vn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1237044039&gjid=676904867&cid=1203054371.1626660605&tid=UA-129270319-1&_gid=1414378085.1626660605&_r=1&gtm=2ou7e0&z=1929184534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 02:10:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thachgiamcan.jellyslim.clix9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.4511dadc364f0ee7084d.js Show response
script.hotjar.com/ 219 KB
58 KB 51ms
17ms Script
application/javascript 13.224.99.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4511dadc364f0ee7084d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1022761.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-19.zrh50.r.cloudfront.net

Software

Resource Hash

a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 301978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59124
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 14:16:08 GMT
etag: "fa62a803341910c78a5d640632dc1e3f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: m3BODTGehbTi6GrsTGIIga0sBHxOdcNDaf0SfaRGhE-GGKMo9BpbyQ==

GET
H3-29 200 1x1.gif
a.mgid.com/ 43 B
428 B 176ms
148ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=491791&type=c&tg=&r=https%3A%2F%2Fthachgiamcan.jellyslim.clix9.com%2F%3Fclick_id%3Dae1bfa3c79c6474591e17863dd5d3410%26aff_network%3DSF&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1626660604798
Requested by: Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 02:10:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6710694c3a2cee58-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 5587 2 KB
1 KB 49ms
18ms Document
text/html 13.224.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1022761.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-30.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thachgiamcan.jellyslim.clix9.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thachgiamcan.jellyslim.clix9.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: zuVrOmfSq8ugvT61i9temi7vz9ACf_LRl4jtsIpN_vXDp3dWQdMWrw==
age: 1231583

GET
H/1.1 200
OK v1.js Show response
api.trackpush.com/sdk/ 89 KB
27 KB 695ms
349ms Script
text/javascript 157.230.253.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trackpush.com/sdk/v1.js?pid=NmY2QC7G4xLUA4Af1wN60w&sw_uri=%2Fservice-worker.js&source=cpo&website_category=other

Requested by

Host: thachgiamcan.jellyslim.clix9.com
URL: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.230.253.19 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

31d91eb7dd6d33cd5103e2a4fecede8d2601a4eb3b8e8c194d2b46146dc239fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 02:10:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: DENY
Content-Type: text/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
121 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=809896775&t=event&ni=1&_s=2&dl=https%3A%2F%2Fthachgiamcan.jellyslim.clix9.com%2F%3Fclick_id%3Dae1bfa3c79c6474591e17863dd5d3410%26aff_network%3DSF&ul=en-us&de=UTF-8&dt=jellyslim-vn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageTimeOnPage&ea=TimeOnPage_10_seconds&el=thachgiamcan.jellyslim.clix9.com%2F&_u=aEBAAUABAAAAAC~&jid=1604805538&gjid=2096477088&cid=1203054371.1626660605&tid=UA-129270319-1&_gid=1414378085.1626660605&_r=1&gtm=2ou7e0&z=1476065512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thachgiamcan.jellyslim.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 02:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thachgiamcan.jellyslim.clix9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thachgiamcan.jellyslim.clix9.com/	1970-01-19 20:34:12	Name: d2c_click_id Value: ae1bfa3c79c6474591e17863dd5d3410
.clix9.com/	1970-01-19 19:51:02	Name: _hjFirstSeen Value: 1
.clix9.com/	1970-01-19 19:51:00	Name: _gat_gtag_UA_129270319_1 Value: 1
.clix9.com/	1970-01-20 13:22:12	Name: _ga Value: GA1.2.1203054371.1626660605
.clix9.com/	1970-01-19 19:52:27	Name: _gid Value: GA1.2.1414378085.1626660605
thachgiamcan.jellyslim.clix9.com/	1970-01-19 22:00:36	Name: MgidSensorHref Value: https://thachgiamcan.jellyslim.clix9.com/?click_id=ae1bfa3c79c6474591e17863dd5d3410&aff_network=SF
thachgiamcan.jellyslim.clix9.com/	1969-12-31 23:59:59	Name: _timenow Value: 1626660604578
thachgiamcan.jellyslim.clix9.com/	1970-01-23 11:27:00	Name: LADI_PAGE_VIEW Value: 1
thachgiamcan.jellyslim.clix9.com/	1970-01-19 22:00:36	Name: MgidSensorNVis Value: 1
thachgiamcan.jellyslim.clix9.com/	1970-01-23 11:27:00	Name: LADI_CLIENT_ID Value: 74a01ada-f32f-431b-51e0-1c039a91738b
thachgiamcan.jellyslim.clix9.com/	1970-01-23 11:27:00	Name: LADI_FORM_SUBMIT Value: 0
.clix9.com/	1970-01-20 04:36:36	Name: _hjid Value: 21a236f6-e2ea-4fee-90f9-d94ea328530b
.clix9.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
a.mgid.com
api.trackpush.com
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
service-api.accesstrade.vn
static.hotjar.com
thachgiamcan.jellyslim.clix9.com
vars.hotjar.com
w.ladicdn.com
www.google-analytics.com
www.googletagmanager.com
104.19.136.78
13.224.99.100
13.224.99.19
13.224.99.30
157.230.253.19
2606:4700::6812:d44
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2008
2a00:1450:4001:831::200a
52.74.211.60
54.169.219.94
54.254.219.240
040bde16d6e560d8d492c74a024bb962497f4514c2e54ba6bb15ccdd28f48325
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
16fe07fb4f001a778935a578712ce10dd57f94415d266eb38ab14b858fc4074d
25bddfccb712ac59453ef83082a4c0cbda298d17c7f2b60834e8da00e7baf029
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045
31d91eb7dd6d33cd5103e2a4fecede8d2601a4eb3b8e8c194d2b46146dc239fa
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3e0a1efd60ac5219ea7525982478a19fbc36ece93ca50579779919d5ecbef6a7
3ff21adfd4a6203a388757c01b37078db62f075a65c518a933c9a32e42eccf74
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4cf288e75639dc2c0edc63046bf6ae3dce67595423f8940f89689685fcd8c680
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f1346ce484527395e2ff61386de858f45b8bb75298fa052b092cb6608393b4f
592ebc9f916a1a9c0e8ca0a47bb16331971b10fe188f8ee2be8bcf58160138f8
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4
64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74ea082ad6a0f22b18571ffb65e7038a8a8d1b8f91e0c2da1289b84388d095c8
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7bcb14980360f47185294e85e3fda67e64cf45fad41ec646f248b713add2693f
8046faa2cab1569d3c5cfb938354464157c96ae997004c98ecf70e0336931ab6
8aa60b8d84e01c88d16a26fc21daccb4b4abd68dbf217ac736886699ce1fdb2b
8ccc66f126483ebcacd89692e94dd0c29a4a5244dcee369a57fd32c43c054c4e
94afaab118a3337b8392f05efd235d9f456534e37bd6c68d9afdb98bf124301c
a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3
c3485a1fe9184028f0dfc5f7e4d9283c414290024eab5407046abe0e8e1a9606
c4c0f622ceb5f3dfec3980991728677eaa774dd1eb4c180c4a7d6369d44d584e
c75af8a98c47e0dc1bb2fc9b94910cb3e6dcac1882a4d88dc297f728bfe4b8c3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e280b8d9e51ec89068b43a6939ce555b6271db14774adeef00f62d44cb396b59
f12a15af55b1dabb41d293f742b60184a136559c92f719c4fdcde4f3fdb891d2
f577e38d7d518722295fa21ff313d950c77f2e096ec0cc0bbbf226f7fca1d1e8
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c

thachgiamcan.jellyslim.clix9.com Open in urlscan Pro 54.169.219.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

38 %IPv6

11 Domains

13 Subdomains

13 IPs

3 Countries

737 kBTransfer

1625 kBSize

13 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thachgiamcan.jellyslim.clix9.com Open in urlscan Pro
54.169.219.94 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

737 kB
Transfer

1625 kB
Size

13
Cookies

40 HTTP transactions
0 data transactions