789-gem.fun Open in urlscan Pro
34.32.135.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://789-gem.fun/
Submission: On April 21 via api (April 21st 2024, 11:19:42 am UTC) from US — Scanned from NL

Summary HTTP 95 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 14 domains to perform 95 HTTP transactions. The main IP is 34.32.135.56, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 789-gem.fun.
TLS certificate: Issued by R3 on April 21st 2024. Valid for: 3 months.

This is the only time 789-gem.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	34.32.135.56 34.32.135.56	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2.16.1.171 2.16.1.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.67.153.247 172.67.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	45.252.249.22 45.252.249.22	63760 (AZDIGI-AS...) (AZDIGI-AS-VN AZDIGI Corporation)
20	123.30.168.3 123.30.168.3	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
5	95.100.146.11 95.100.146.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
95	23

4 34.32.135.56 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.135.32.34.bc.googleusercontent.com

789-gem.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.1.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-171.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.153.247 (United States)

ASN13335 (CLOUDFLARENET, US)

www.flowercorner.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.252.249.22 (Binh Duong, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)

in.flowercorner.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 123.30.168.3 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

8384f55340.vws.vegacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.11 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-11.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	vegacdn.vn 8384f55340.vws.vegacdn.vn	2 MB
12	flowercorner.vn www.flowercorner.vn in.flowercorner.vn	300 KB
8	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5681 secure.livechatinc.com — Cisco Umbrella Rank: 6387 api.livechatinc.com — Cisco Umbrella Rank: 5191	34 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	500 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
4	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2941	1 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36 td.doubleclick.net — Cisco Umbrella Rank: 456 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	334 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	177 KB
4	789-gem.fun 789-gem.fun	347 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 10513	625 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
0	Failed function sub() { [native code] }. Failed
95	14

	Domain	Requested by
20	8384f55340.vws.vegacdn.vn	789-gem.fun
11	in.flowercorner.vn	789-gem.fun
5	www.facebook.com	789-gem.fun
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	789-gem.fun
4	connect.facebook.net	789-gem.fun connect.facebook.net
4	789-gem.fun	789-gem.fun
3	api.livechatinc.com	cdn.livechatinc.com
3	www.google.nl	789-gem.fun
3	www.google.com	789-gem.fun
3	cdn.livechatinc.com	789-gem.fun
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	secure.livechatinc.com	789-gem.fun cdn.livechatinc.com
2	www.google-analytics.com	789-gem.fun www.google-analytics.com
2	www.gstatic.com	789-gem.fun www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	td.doubleclick.net	789-gem.fun
1	www.flowercorner.vn	789-gem.fun
1	googleads.g.doubleclick.net	789-gem.fun
1	fonts.googleapis.com	789-gem.fun
0	invalid Failed	789-gem.fun
95	21

This site contains links to these domains. Also see Links.

Domain
www.flowercorner.vn
www.facebook.com
twitter.com
www.instagram.com
apps.apple.com
play.google.com
online.gov.vn
blog.flowercorner.vn
www.linkedin.com
www.youtube.com
goo.gl
g.page
oa.zalo.me

Subject Issuer	Validity	Valid
789-gem.fun R3	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
flowercorner.vn E1	`2024-04-20` - `2024-07-19`	3 months	crt.sh
www.flowercorner.vn R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.vws.vegacdn.vn AlphaSSL CA - SHA256 - G4	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://789-gem.fun/
Frame ID: 030903746AEC8B8929B3F487536A5249
Requests: 88 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/817395020?random=1713588583203&cv=11&fst=1713588583203&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1
Frame ID: FC139194C2F7FD18BAA9DFB16D74E72B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd55442060b614b%26domain%3Dwww.flowercorner.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.flowercorner.vn%252Ff17d5e73188bf3ee9%26relation%3Dparent.parent&container_width=903&current_url=https%3A%2F%2Fwww.flowercorner.vn%2F&is_loaded_by_facade=true&local_state=%7B%22v%22%3A2%2C%22path%22%3A2%2C%22chatState%22%3A1%2C%22visibility%22%3A%22hidden%22%2C%22showUpgradePrompt%22%3A%22not_shown%22%2C%22greetingVisibility%22%3A%22hidden%22%7D&locale=vi_VN&log_id=2488d29d-ec5f-4e44-992d-b67c306f548a&page_id=411745402577295&request_time=1713588596125&sdk=joey
Frame ID: 2513E5A51FDEE433B62DCDA8A3D7B275
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 96F3EEA1C257600E69A2CDAEB6B71FF3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 0388CCA8C3A9157D2201FFCE369ABA85
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 663C445D60DAED74019C4A5326B46F69
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 44210C09FE24A83CEC331924AF91C8A5
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 021EB01C415CDE5A1648159C248BC286
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shop hoa tươi FlowerCorner: Đặt Hoa Online Giao Miễn Phí Chỉ Từ 300K

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

95
Requests

82 %
HTTPS

50 %
IPv6

14
Domains

21
Subdomains

23
IPs

6
Countries

3382 kB
Transfer

6266 kB
Size

12
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.flowercorner.vn/?route=account/register
Title: Đăng ký

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/?route=account/login
Title: Đăng nhập

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/?route=checkout/cart
Title: Giỏ hàng

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/?route=checkout/checkout
Title: Thanh toán

Search URL Search Domain Scan URL

URL: https://www.facebook.com/flowercorner.vn/

Search URL Search Domain Scan URL

URL: https://twitter.com/FlowerCorner2

Search URL Search Domain Scan URL

URL: https://www.instagram.com/flowercorner.vn/

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-tang-tot-nghiep

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-cuoi-cam-tay

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-bo-gia-re

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/endless-love-6942
Title: 23%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/dieu-hanh-phuc-7183
Title: 18%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/fairy-tale--6961
Title: 8%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/gio-thu-6468
Title: 10%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/little-tana

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/your-day-7345

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/Bo%20Hoa%20Mat%20Xanh

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/binh-hoa-4114
Title: 8%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/thanh-tu
Title: 11%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/bouquet-5208
Title: 9%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/khuc-tinh-ca
Title: 6%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/nu-cuoi-em
Title: 7%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/Chamomile

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/yeu-tham-7184

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/boi-roi
Title: 12%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/free-spirit
Title: 8%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/forever-young

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/giac-mo-nho-be-6390

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/hen-ho

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/All-the-best

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/may-man-7338

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/mn-5ee4a7b049222

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/BOUQUET-5215
Title: 9%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/bo-hoa-4196

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4220

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4188

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-chuc-mung-hong-phat-2-6254

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4135
Title: 24%GIẢM

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4132

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/hoa-chuc-mung-vung-ben-6243

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4179

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ke-hoa-4219

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/chau-lan-ho-diep---005-5617

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/chau-lan-ho-diep-013

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/chau-lan-ho-diep-011

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/lan-ho-diep-006

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/Chau-Lan-4077

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/chau-Lan-008

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/ORCHID-4110

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/san-pham/lan-ho-diep-005

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/
Title: shop hoa tươi

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-chuc-mung-sinh-nhat
Title: Hoa sinh nhật

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-khai-truong
Title: Hoa khai trương

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-tang-le
Title: Hoa tang lễ

Search URL Search Domain Scan URL

URL: https://www.flowercorner.vn/hoa-chuc-mung
Title: Hoa chúc mừng

Search URL Search Domain Scan URL

URL: https://apps.apple.com/vn/app/flower-corner/id1476554359

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=zas.trading.fc.app

Search URL Search Domain Scan URL

URL: http://online.gov.vn/Home/WebDetails/58269

Search URL Search Domain Scan URL

URL: https://blog.flowercorner.vn/
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/FlowerCorner3
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/flowercorner/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/flowercorner
Title: Youtube

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/qiFtVyQi725jyLVT9
Title: 142 Nguyễn Văn Cừ, Phường Nguyễn Cư Trinh, Quận 1, TP.HCM

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/iWYo2zvPormh4Goz9
Title: 225/3 Nguyễn Đình Chiểu, Phường 5, Quận 3, TP.HCM

Search URL Search Domain Scan URL

URL: https://g.page/flowercornerhanoi
Title: 65 Trần Phú, Ba Đình, Hà Nội

Search URL Search Domain Scan URL

URL: https://oa.zalo.me/1057696361500855184
Title: .cls-1 { fill: none; } Zalo Nhắn Tin Zalo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
789-gem.fun/ 1 MB
346 KB 362ms
182ms Document
text/html 34.32.135.56
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 56.135.32.34.bc.googleusercontent.com
Software: railway /
Resource Hash: c69ce120a7308882f6fc6de703f01eeb43965fbb1cf8ba1fe7c697eb88758006

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 Apr 2024 11:19:24 GMT
etag: W/"6624c09b-135025"
last-modified: Sun, 21 Apr 2024 07:30:35 GMT
server: railway

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 314 KB
91 KB 224ms
54ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd32fac27277a59e77fc030db5706270ebd0ac5f438d08f9a558d28c962e5e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 Apr 2024 11:19:24 GMT
content-md5: acauxSjXDj5zjqiKtziWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91481
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=12, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: iWo64K7Wuhjhs5fIvZiMgBMoP43sb1kQbmYHEMBb2hWEkwM4HvKEIraL6VkrVgbZGlo6S4ogcVAgXDpe8vrvJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 19515a4354bc0d19cd9bde1bac79dc60
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "3a555cdbc8dd46e87688d486d0448c60"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 21 Apr 2024 11:32:00 GMT

GET
H2 200 recaptcha__vi.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 508 KB
201 KB 210ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__vi.js

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e3de6b5975c4a925aec488912ada87d36d40e76e0a072ad17d94990a31690f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 00:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205201
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Apr 2025 00:21:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 182ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 Apr 2024 09:39:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6003
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 21 Apr 2024 11:39:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 493ms
49ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114815169-1&l=dataLayer&cx=c

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ec01f8b2dd5b78453bccde326e99be8648e0f1a2efc52065cfa6e9c02408684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Apr 2024 11:19:25 GMT

GET
H2 200 241208466550208 Show response
connect.facebook.net/signals/config/ 68 KB
15 KB 205ms
204ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=www.flowercorner.vn&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d778d42f996b6d85cbc3174d1ff7f2d8dca8385098c97436ed78ac6ba263029

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Apr 2024 11:19:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=8, c=44, mss=1294, tbw=96521, tp=-1, tpl=-1, uplat=152, ullat=0
pragma: public
x-fb-debug: fQTgY5+ktWCyh8fRtLOD/phM+SNIxZY4gnZlc+YFPRcb7hNeBTn27/8rRJa7d/5c2th7Bgc8+1KgFoAPmiMYIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
57 KB 26ms
25ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Apr 2024 11:19:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=38, mss=1232, tbw=4316, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: xeAHR7MvmAjEvaTA03hAgicMiXKxqDLNQ0tEqT5xnh+963qGTMDZ77yKCPPAZiuEwu6xpES78B+8Q1VogTmX2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 440ms
138ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-817395020&l=dataLayer&cx=c

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12e9259eae3b89abe60c684a128e52b0a9ad1b1fa441df5e739d3104ff67a8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80656
x-xss-protection: 0
last-modified: Sun, 21 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Apr 2024 11:19:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
99 KB 390ms
89ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c02facae6c4c4fd7b11f0ba816de38697677188975a34814c8d3ea83453b986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Apr 2024 11:19:25 GMT

GET /
invalid/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
86 KB 431ms
129ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ6PJ3GS

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c52667818d3caf10a9349e878dec0c327790762beae62ef22d26a556a0f7a5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87624
x-xss-protection: 0
last-modified: Sun, 21 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Apr 2024 11:19:25 GMT

GET
H2 404 all.min.css
789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/ 0
0 169ms
169ms Stylesheet
text/html 34.32.135.56
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/all.min.css
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 56.135.32.34.bc.googleusercontent.com
Software: railway /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: gzip
server: railway
content-type: text/html

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 174ms
44ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0293bd5e66bfda80430f1ef4eb6932b88ef633a0d8523e7b1723746c86dafe07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Apr 2024 11:19:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Apr 2024 11:19:25 GMT

GET /
invalid/ 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/817395020/ 3 KB
1 KB 373ms
61ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/817395020/?random=1713588583203&cv=11&fst=1713588583203&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0cdaa97163f3d90373301d5e4b1d7559843d9b51b354315456617ba36b1aec51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1369
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
27 KB 343ms
30ms Script
application/javascript 2.16.1.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hGB_dnGxhI.cRiBpFcDBN2hZl1sbmT4E
content-encoding: br
date: Sun, 21 Apr 2024 11:19:25 GMT
last-modified: Thu, 11 Apr 2024 12:55:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"fd2c2a1cfef58ec68842695fc4040836"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: 2p6uCav9uRHTYG5DR54n-qTTJdqm_DhY3D1uHy-uFNv4w-VI1o5d7Q==
content-length: 27319
expires: Sun, 21 Apr 2024 19:19:25 GMT

GET
H3 200 shop-hoa-tuoi-flowercorner-logo.png.webp
www.flowercorner.vn/image/catalog/common/ 7 KB
7 KB 335ms
29ms Image
image/webp 172.67.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flowercorner.vn/image/catalog/common/shop-hoa-tuoi-flowercorner-logo.png.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166d2f5778b97caad2d88b934a458a48af343b7ed57eafd3cd87de7e0628e333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247125
alt-svc: h3=":443"; ma=86400
content-length: 6864
referrer-policy: no-referrer
last-modified: Fri, 18 Aug 2023 18:49:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgKH1XPSHhLtTkeXK3AE8BD8zOHtYeFKXrF%2B4I9Cc%2FbYVacOBvdYLKHAHmEkiTUkLqpqhHfmifs1fCncuzB2wDPDMJzKdW16tbrQK%2F9BF3IndydM11J%2Bb%2BhUzL6dZd9WTc8KL77p"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 877cfaa1debbb987-AMS
expires: Thu, 25 Apr 2024 14:40:40 GMT

GET
H2 200 P6603bc94606273.86371461.webp
in.flowercorner.vn/uploads/ 29 KB
29 KB 2121ms
1117ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P6603bc94606273.86371461.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 093688ee5c06dad8e50103f42e27ffc6d48db349e8d6fb0c41f7faf9b770df1d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:26 GMT
last-modified: Wed, 27 Mar 2024 06:28:36 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29876
expires: Sun, 28 Apr 2024 11:19:26 GMT

GET
H2 200 P657fd22ae76098.00568485.webp
in.flowercorner.vn/uploads/ 27 KB
28 KB 1743ms
740ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P657fd22ae76098.00568485.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 12a9a719904f444b40a9ec19738cdd741e18b333da3387829706fea52b48eaf6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:26 GMT
last-modified: Mon, 18 Dec 2023 05:01:31 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 28070
expires: Sun, 28 Apr 2024 11:19:26 GMT

GET
H2 200 P649eaaa2d52659.21834674.webp
in.flowercorner.vn/uploads/ 29 KB
29 KB 2107ms
1104ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P649eaaa2d52659.21834674.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 548796c77dd625c5174c52321794eb4622857d33c26e291c2b8565f2f7fd7758

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:26 GMT
last-modified: Fri, 30 Jun 2023 10:12:50 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29814
expires: Sun, 28 Apr 2024 11:19:26 GMT

GET
H2 200 bo-hoa-endless-love.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 52 KB
52 KB 3609ms
1366ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-endless-love.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

0a241c8865e72108440c1248d63413892f4ad4b3bdcbc7c359470c541121325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399847
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 52766
x-cached: HIT
referrer-policy: no-referrer
last-modified: Sat, 25 Nov 2023 18:35:38 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4ZScAtl75TAGhMZYXYgINwFtFHzXkP%2B05uIXpgEVuFHUaCO4QZoDyaA9TXE1AWq4KEjix41kt61x4o08zjh%2Blud5S4%2BdTRd2%2F2ZwAYGr5NLSD6ZHFMY5z71Rb0OvWCHSTAjPaQ5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87099d211bd2850e-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-hong-dieu-ngot-ngao-nhat.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 82 KB
83 KB 2536ms
293ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-dieu-ngot-ngao-nhat.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

92f7f08f65b75210a6f05aef12b44c4e3233eb11ec3124664d87471927e439f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3101
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 84216
x-cached: HIT
referrer-policy: no-referrer
last-modified: Sat, 25 Nov 2023 19:35:20 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FS%2B741ZhKl2D04XtugXgtH3oQyzo%2F2CBUrCpfFBpozm1hQ5HUdALhNLknlcy27qGMRbidK8pJIl7O4QbrXeWlluceXuV8%2FkymNcg5roTcb27ZABJDlA3275e7Rf3R5maDjb%2FtfZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 875891b32cd10f10-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-hong-dau-fairy-tale.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 92 KB
93 KB 3612ms
1368ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-dau-fairy-tale.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

4774986c30463795c74679d9588d166f093c8e504949fdd6e6d56a614d40e9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83726
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 93938
x-cached: HIT
referrer-policy: no-referrer
last-modified: Fri, 19 Jan 2024 04:00:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GG3DBxS2rmok7eOfCFdXQGVQUVGWJqjG6%2BBfu21oGqDFGKQHqBttsAp%2B%2BIYdi1fwxW031B4WJEstQk%2BifaJqFwIiphHWIIzDRs%2FR5KSagUndNrlUhXP2sQUk%2FST1RFDn2rPi5FJb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 876003375f9a0eb8-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-hong-do-gio-thu.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 69 KB
69 KB 3611ms
1368ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-do-gio-thu.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

da3cd37471aa68924a0d0baceb8cc06c3d5a96a4132c3d6d1e468e24cb78272f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46584
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 70246
x-cached: HIT
referrer-policy: no-referrer
last-modified: Sat, 25 Nov 2023 20:50:02 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdJswUd9v2LljA8f2zUkm7bwet6KtQgAB98DbWx%2BZQS4GAYnosgsAwcOWLR%2FNaHcpxC2GQQVqVyhv7Ch7M9ZVtzr6djtrVyhqPplLCV90LjzbtoIgmzEqnb3LfhgnvZCDMgFoXtB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86e8eb2d2e0d6e58-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-cuc-tana-little-tana.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 87 KB
88 KB 3612ms
1369ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-cuc-tana-little-tana.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

8139910cdcb2b3cec9dbaf90e3a6ac168d318f682ab4a4a0d6c0039d1db5e1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95424
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 89020
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 02 Jan 2024 09:30:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vlrdm0L2fNY1U30rr6HBGz4Q%2FTPj4AWhuFw93tJcDkfZ9ahMa8sfWyC2Q7J09v7tAgAYIE7DXuMw6ET8LGWtdyrzO6qyA27WVrHbDOEo6QruSDVOVF63PMjAfV06QGtzqILhMDxE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87099d9de891716a-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-your-day.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 85 KB
86 KB 3612ms
1370ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-your-day.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

af6baad208c2f71deb4ef32eddcb375ff553e63ba5470c7b402a8d73beb43d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38507
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 87132
x-cached: HIT
referrer-policy: no-referrer
last-modified: Sat, 25 Nov 2023 18:36:49 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkoZeCPiUm8Fv%2BYBz4pA5W3PAxAYrU%2BRyDKafgMEZ3oMK5arBDBpkofVNk%2FiPQbS6TJ5NHx0f7up5vry00XcLCq5k%2Flwb6wV%2B6ipCrhm82t%2FFqfahGJ7Y4shTxHiuENEVPGgacpf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86e8f46ffd506e5d-HKG
expires: Mon, 21 Apr 2025 11:19:27 GMT

GET
H2 200 bo-hoa-baby-xanh-mat-xanh-2.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 117 KB
118 KB 1114ms
1105ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-baby-xanh-mat-xanh-2.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

842d0ed31a68e96bdbac3197fc6a7b80510e9a3458d7b93834daa669fca82c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276635
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 119504
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 09 Jan 2024 10:45:03 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ch8FkSXaTQgJTpYZFoTYD98WasFLF3Oi9JE3FJQfM54hZf9JNDPIN8hHdvFRkeQsZFmA4%2BVOJMztc8zZs%2Fn%2BbV72trvlSlbjLJBs0XUcMrtXRYWdnxBJJkgrdLrqqD2AsaPfmTjw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86fde18e0e70849a-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-hong-pastel-khoe-sac.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 95 KB
96 KB 1114ms
1105ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-pastel-khoe-sac.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

072fa06ddc6efa28aa8dc08dec552f6834754d4f7c04aa2df030fa3d440f30a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5848
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 97566
x-cached: HIT
referrer-policy: no-referrer
last-modified: Fri, 19 Jan 2024 04:00:09 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPgZbE136KLcSgw4vVD2C97PJR3vLnC1zIQUJVWVdJEK03UeoVcGqvROZpypsGk6zzPA5dP8N%2F5vX9hi4f8GMBXhJaaZo7RQhicbxmZQWVH%2BI5uUhNHeXti1bX007gI%2BBRseucHl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8758ff42ad3a853c-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-thach-thao-trang-thanh-tu.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 89 KB
90 KB 1115ms
1106ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-thach-thao-trang-thanh-tu.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

b0c63285e9edac467a023da3a35fdf8fd213c15f48389e96d7465f223d5b7b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5585
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 91152
x-cached: HIT
referrer-policy: no-referrer
last-modified: Thu, 28 Dec 2023 09:00:05 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTRfUFsLJqPrvrwCbTRP6Qmf4qdlCEytpMtkIxwvp7anawAmgTvkUIWmq7%2FypELpasl0AdNo%2B2T3il4a1LfiDhwpmn9%2FbD3A20YhuLfH6n2wiET48Zsgx2Lj%2FTpBi41fCKU2ELsy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8758ff680acb8524-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-baby-hong-pink-moon.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202022/ 69 KB
69 KB 1115ms
1106ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202022/bo-hoa-baby-hong-pink-moon.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

318a14bddf5007e7384f02a81088018998ade4099de55fec7f96061b95b06af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334967
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 70292
x-cached: HIT
referrer-policy: no-referrer
last-modified: Sat, 25 Nov 2023 18:45:02 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1WOcehwAVUvOQWgsslAriUw%2F%2B136s2Ps%2BXF6jl82gpyqF8auclA%2BwyQR%2BNzW%2BIPVXK3wnmbPoDSQ%2Ba7Jywj89maQGWyduaupBp69P6IgTSiiJ8t2kTse2Ff8iQLTh2OppXb7uJe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87786949db721fc2-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 khuc-tinh-ca.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 69 KB
69 KB 1115ms
1107ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/khuc-tinh-ca.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

ac875f410404cd36004d305386f93b0644016fddac904c6fd60d7111c1b09873

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222167
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 70164
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 02 Apr 2024 11:30:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8PZqNMRk9cFwddCJp5nu5%2FKqpElyWJV9CFLAsAFfkHwmE1ngqhLck%2BKxhS%2BA8wQ6dX8cbB8eST3KDacmm%2FX1X%2BRlTA8fx9fb%2FuEj1YFlfONZDm3VirndXkNEFT2yRu59OqN1dhs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 876d58c73c048524-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 nu-cuoi-em.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 89 KB
89 KB 1114ms
1107ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/nu-cuoi-em.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

1941cc51026d049e556ae00e9b22d97b9e1b68700898a3844bc066330fd38b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438899
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 90740
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 02 Apr 2024 11:30:07 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVjyEegaKC0ZlnFOu63xvf%2BC2O3IytB4xSpcaus57RrONXGmLqPYv%2FlnGLdy71Ckw3WuoXkb%2B7OUztubugy81RoNpGoWsnFNeWSefHEYgUOB0qBDNvTOAQVTAS4wQBWfcp3WwXHM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8747bf1da8041089-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-cuc-tana-chamomile.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 96 KB
96 KB 1114ms
1108ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-cuc-tana-chamomile.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

f3cf86a01a96be90aa06683a066b9d62325534e7d9c86edbff46e8b7d58491a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64035
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 97978
x-cached: HIT
referrer-policy: no-referrer
last-modified: Fri, 29 Dec 2023 05:00:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SFxUC%2FsfU7DvRVGzTAUgjNu0KNJ0ap%2F5GKYGLKbQAw0xORVZp2qtnuQZQo5jOqKUyyvEQ51kPl16AR06ny6youJ1Y61qg8rcmc1M6FfCFz8%2BQWa7H3cVYk%2BqHQnBNjt6Y%2FDXDKhU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86ea1a48cdbe8475-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-hong-yeu-tham.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 121 KB
122 KB 1115ms
1108ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-yeu-tham.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

c879ea846d96ee977e20a3289a154e28539fce8bbb1fa5508de5ab82242675d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69951
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 123786
x-cached: HIT
referrer-policy: no-referrer
last-modified: Thu, 04 Jan 2024 03:15:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9gIwou9xO%2Bi3lg852zumQO7d%2FMawoY7amnikESqxh459yP3MTeJgoe6zwqEknNj3PgLgK6o2%2B5d7plosXp1BnxkFvH7%2BJi7mGid0pWCxsCOv9hXqNET2G6KLIR8R56bNfjjxkrw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 875ffed258b204be-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-hong-cam-free-spirit-02.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 114 KB
115 KB 1115ms
1108ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-cam-free-spirit-02.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

06be1bd779e10e41315e30f09e8e0c6d0ce8f37b17ba52e6eb1e8f389d3e6af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93675
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 117126
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 06 Feb 2024 03:40:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chwhb2L4YwK7J3S4dbjOh5siDXh6QL%2F3D8xKzCOxWQzMuITagt%2BBGMPc3Nv3D7DX5RBVuZAzzXzvP2eDSl9ARfbOTgnUsHFO42UMklqBsr%2B%2BnuRmdaehNxyIiVe4ienj8qDqL46p"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 876128cddfea1108-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-hong-cam-free-spirit.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 106 KB
107 KB 1115ms
1109ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-cam-free-spirit.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

af7605042e7636d1d95ea22a681396f600af58b0f053d9b86d5eb13bfdcccc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91153
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 108302
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 06 Feb 2024 04:05:03 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BkMEC8t%2B5qC96Q7vvXCKHc9WH2XDLeKvUwjJAUM7iwqc%2BHyrgY7DTgjVwFyFa6S%2FDlO84R6E4Sp04JJexVdWvKpp411IKn0YzPg34D%2F3nkCbVvWzL8L1IqjRwEb9RHK%2FwzWwD7C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 876128ce1d221079-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-forever-young.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 81 KB
81 KB 1115ms
1109ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-forever-young.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

10013c228eaee5668b4e22b957a6b21293ef75efdb01d24649d15d7a86da4767

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60974
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 82576
x-cached: HIT
referrer-policy: no-referrer
last-modified: Wed, 24 Jan 2024 10:00:03 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhADF4XqouzG6qbE62tvS2fRxiFpWlrDZ5q9FeSdaTMwB%2FigorUSwZOHbJsb%2FQqlKx8Nt7DU8wAgSWJFQRiOMTYpB7qHN3vqht%2BXKdhbwDGdhhAURxFB0JZ8ofayWC3sP7nBlzCr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86ea1a625ad2079b-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 giac-mo-nho-be.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/Spring%202024/ 54 KB
55 KB 1115ms
1109ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/Spring%202024/giac-mo-nho-be.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

23ac568e583679eec9fa3aec83a181e21d567665051a9cdfbce2cbd6781714ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65825
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 55534
x-cached: HIT
referrer-policy: no-referrer
last-modified: Tue, 27 Feb 2024 02:10:04 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hshsKHQ9dGho%2FYmxR1tvsSHuAOpytyUiVf6dsm2a1lwu9oHZtTGypf8dw%2FEqtLPpshtUXxUtfeK1AdeT0KfMDqFqVV%2BCt5jS%2FYjQVtT8Qp9pjYWulkcwbcByTz3F6ceNZprh4b0W"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86ea1a622d99857f-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-dong-tien-hong-001.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 41 KB
42 KB 1116ms
1109ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-dong-tien-hong-001.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

af07a0fd37f370b62cc9b2a5c133c4f2d1badcc4cc7064789f921d53818916e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251526
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 41828
x-cached: HIT
referrer-policy: no-referrer
last-modified: Mon, 05 Feb 2024 11:15:03 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhRJlOtkDo%2B9l31Wx7xoJ6dTw0DanbCuFXN%2BzNWKp%2Bfrsh%2FGcZu3D%2FUDRF742mJhl2hkmMATqa5k82NIXsQWnmFJQufKlF7zGalIhSp4uFKlLBkY518RoGlZW%2BlKykijsNFeEasD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 877217177b5c8494-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 200 bo-hoa-cam-chuong-trang.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/ 43 KB
44 KB 1116ms
1110ms Image
image/webp 123.30.168.3
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-cam-chuong-trang.jpg.webp

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

static.vnpt.vn

Software

nginx /

Resource Hash

7164be079265dbcb4a39f60cb19532b96ec6566cfc494899274f4b2294a48dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2221
geoip_country_code: NL
alt-svc: h3=":443"; ma=86400
content-length: 44250
x-cached: HIT
referrer-policy: no-referrer
last-modified: Mon, 05 Feb 2024 11:40:03 GMT
server: nginx
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MbyqDCA0p7Nzr9qdrWWF6stE9SaBiuYlM7LAM17%2BJ57MTOjdJECff2Mb4qG15%2BSMI3nKgEpePaO%2F9e088OU6fXEDhHNP%2BHK6h9N%2Bcsa3l6I46PgNp%2BV%2FhQdRNajRSUQbWhYBtmp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8758ffb14aee8475-HKG
expires: Mon, 21 Apr 2025 11:19:28 GMT

GET
H2 404 1px.webp
789-gem.fun/image/catalog/ 555 B
555 B 164ms
164ms Image
text/html 34.32.135.56
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://789-gem.fun/image/catalog/1px.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 56.135.32.34.bc.googleusercontent.com
Software: railway /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:25 GMT
content-encoding: gzip
server: railway
content-type: text/html

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 281ms
59ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 495921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 17:34:04 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 269ms
48ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 23:37:10 GMT
x-content-type-options: nosniff
age: 128535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15396
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 23:37:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 9 KB
9 KB 302ms
81ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 14:41:23 GMT
x-content-type-options: nosniff
age: 247082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Apr 2025 14:41:23 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
28 KB 243ms
22ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 03:13:36 GMT
x-content-type-options: nosniff
age: 461149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Apr 2025 03:13:36 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
855 B 279ms
53ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

284a99afd88b68137689930b5b6ff64441d7e1870585b18e398490d728ae8b9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Apr 2024 11:19:26 GMT

GET
H2 200 817395020
td.doubleclick.net/td/rul/ Frame FC13 0
0 167ms
59ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/817395020?random=1713588583203&cv=11&fst=1713588583203&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Apr 2024 11:19:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXZ0poK5.woff2
fonts.gstatic.com/s/montserrat/v26/ 13 KB
14 KB 207ms
53ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXZ0poK5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549336179e4291b294b24280796e099b7e0acd19daca629ec31825bff1c31f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 18:41:40 GMT
x-content-type-options: nosniff
age: 59865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13820
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 18:41:40 GMT

GET
H2 200 customerchat.php
www.facebook.com/v12.0/plugins/ Frame 2513 0
0 329ms
261ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd55442060b614b%26domain%3Dwww.flowercorner.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.flowercorner.vn%252Ff17d5e73188bf3ee9%26relation%3Dparent.parent&container_width=903&current_url=https%3A%2F%2Fwww.flowercorner.vn%2F&is_loaded_by_facade=true&local_state=%7B%22v%22%3A2%2C%22path%22%3A2%2C%22chatState%22%3A1%2C%22visibility%22%3A%22hidden%22%2C%22showUpgradePrompt%22%3A%22not_shown%22%2C%22greetingVisibility%22%3A%22hidden%22%7D&locale=vi_VN&log_id=2488d29d-ec5f-4e44-992d-b67c306f548a&page_id=411745402577295&request_time=1713588596125&sdk=joey

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.flowercorner.vn; default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: frame-ancestors https://www.flowercorner.vn; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Apr 2024 11:19:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=21, mss=1294, tbw=14913, tp=-1, tpl=-1, uplat=236, ullat=1
x-fb-debug: pwrKngUtAugqbVFiIp5qQwWzxd7NhZHTorFJPfnmBHUpIIna9erC4HdOlh5x25Pu39/EdXsPbz7R/1dgN/6Ztg==
x-xss-protection: 0

GET
H2 200 bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 96F3 0
0 224ms
157ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 21 Apr 2024 11:19:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1294, tbw=2820, tp=-1, tpl=-1, uplat=128, ullat=0
x-fb-debug: 3xfTA2zAry8F6akvKzt8QFFDpyzY6Qjrck2v9j6oZRO0tpcQprVELbw/5idzHNc9H3qfJPPC4aa/7nPidavP3A==
x-xss-protection: 0

GET
H2 200 bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 0388 0
0 383ms
158ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 21 Apr 2024 11:19:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=45, mss=1294, tbw=41627, tp=-1, tpl=-1, uplat=133, ullat=0
x-fb-debug: Kwix1PYdDZx1uRpWnnm/ZTHgcUqLxEzRDNTs2MyywxH4UKepBxrIrk+ElGSxkE1HAX0OqLKOV8w6nB6x0naHHA==
x-xss-protection: 0

GET
H3 200 bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 663C 0
0 530ms
145ms Document
text/html 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data: https://.google-analytics.com .google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 21 Apr 2024 11:19:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=122, ullat=0
x-fb-debug: Lk+453q4zCDHD5AEpfBOeQZdKZEBMkYLlbjqAJYhN+NsmCb30RmKpJbwF8HMyTuXaVBpN8rHglCxHyq9KeUVwQ==
x-xss-protection: 0

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 4421 0
0 350ms
204ms Document
text/html 95.100.146.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2614
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Apr 2024 11:19:26 GMT
Vary: Accept-Encoding

GET
H2 200 api Show response
in.flowercorner.vn/ 892 B
926 B 1220ms
405ms XHR
application/json 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://in.flowercorner.vn/api?cmd=slider&v=1713698365520
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 1a2adb0771797d7bfdb840264f07384d5ead28ef8509d387d5c4f2edccda6098

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 21 Apr 2024 11:19:26 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type: application/json, charset=utf-8

GET
H2 200 api Show response
in.flowercorner.vn/ 366 B
400 B 1220ms
406ms XHR
application/json 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://in.flowercorner.vn/api?cmd=popup&v=1713698365520
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: af13ccc06ae9ac590cfc0c2b6792b154ad52bb7694c4d724a1be7ecb4690672e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 21 Apr 2024 11:19:26 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type: application/json, charset=utf-8

GET
H2 200 api Show response
in.flowercorner.vn/ 1 KB
1 KB 1218ms
405ms XHR
application/json 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://in.flowercorner.vn/api?cmd=coupons&v=1713698365520
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 568c425a78e97af7500aa7f6bf4f94f9aec919b7b421415815b262416da5cb8f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 21 Apr 2024 11:19:26 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type: application/json, charset=utf-8

GET
H2 200 api Show response
in.flowercorner.vn/ 367 B
400 B 1225ms
412ms XHR
application/json 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://in.flowercorner.vn/api?cmd=ship_regions&v=1713698365615
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: b7bc302eaca322c092746cf1db329edb28623726f16a707e76c5a20fbeed43d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: */*
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 21 Apr 2024 11:19:26 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: application/json, charset=utf-8

GET
H3 200 241208466550208 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 157ms
157ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=789-gem.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

8d778d42f996b6d85cbc3174d1ff7f2d8dca8385098c97436ed78ac6ba263029

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Apr 2024 11:19:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=82, mss=1232, tbw=65692, tp=61, tpl=0, uplat=132, ullat=1
pragma: public
x-fb-debug: T0Xp1kNByuxDNDZGmD0OwVaPAV8wR2x1UtmyTGfXl/ZzBExQ2efmGldEzLL62b/cwQW3PDitV4jtd8D9xgOZ7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/817395020/ 42 B
64 B 253ms
52ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/817395020/?random=1713588583203&cv=11&fst=1713585600000&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqvDZ-3Uxs8jxuTYDFXuKjyVAAypucyQ&random=4074718353&rmt_tld=0&ipr=y

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/817395020/ 42 B
455 B 166ms
47ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/817395020/?random=1713588583203&cv=11&fst=1713585600000&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqvDZ-3Uxs8jxuTYDFXuKjyVAAypucyQ&random=4074718353&rmt_tld=1&ipr=y

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 359 B
539 B 298ms
182ms Script
application/javascript 95.100.146.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17487633&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F789-gem.fun%2F&channel_type=code&jsonp=__gdrjouunlfu

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-11.deploy.static.akamaitechnologies.com

Software

Resource Hash

c090de5081dce4399c25cf9bc5014e301a446a6020595b0ea98f044eb05da230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://789-gem.fun/;
X-Frame-Options	allow-from https://789-gem.fun/

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors https://789-gem.fun/;
date: Sun, 21 Apr 2024 11:19:26 GMT
content-length: 359
vary: Accept-Encoding
x-frame-options: allow-from https://789-gem.fun/
content-type: application/javascript; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 76ms
24ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241208466550208&ev=PageView&dl=https%3A%2F%2F789-gem.fun%2F&rl=&if=false&ts=1713698365922&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713698365914.835020596&cs_est=true&ler=empty&cdl=API_unavailable&it=1713698365706&coo=false&rqm=GET

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1294, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 21 Apr 2024 11:19:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 37ms
37ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=516336922&t=pageview&_s=1&dl=https%3A%2F%2F789-gem.fun%2F&ul=nl-nl&de=UTF-8&dt=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=1232910514&gjid=2113039956&cid=372456838.1713698366&tid=UA-114815169-1&_gid=67555004.1713698366&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1813112176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://789-gem.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 363ms
35ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&gjid=2113039956&_gid=67555004.1713698366&npa=1&_u=aEBAAUAAEAAAACAAI~&z=1576212434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://789-gem.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 366ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-00CB3CS7J3&gtm=45je44h0v874478971z89135123798za200&_p=1713698365415&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=372456838.1713698366&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713698366&sct=1&seg=0&dl=https%3A%2F%2F789-gem.fun%2F&dt=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&tfd=1678
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://789-gem.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 317ms
34ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-00CB3CS7J3&cid=372456838.1713698366&gtm=45je44h0v874478971z89135123798za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://789-gem.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 77ms
58ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-00CB3CS7J3&cid=372456838.1713698366&gtm=45je44h0v874478971z89135123798za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=754437015

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 500 KB
200 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b32851c632602843aa7dd7155d58e01e1c4b8171091654935d372d40597eb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Origin: https://789-gem.fun
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 01:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204795
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Apr 2025 01:05:23 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
2 KB 663ms
663ms Script
application/javascript 95.100.146.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=6528d6a0-f676-4004-8cb4-755c5a20c70b&version=46.0.1.13.67.11.1.1.1.1.1.4.1&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b653ad61a8273671489cf213e3ba71ca2f181a510eea9d3caea8158fa508c23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1571
expires: Sun, 21 Apr 2024 11:29:26 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
47ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&npa=1&_u=aEBAAUAAEAAAACAAI~&z=264225887

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.nl/ads/ 42 B
63 B 52ms
48ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&npa=1&_u=aEBAAUAAEAAAACAAI~&z=264225887

Requested by

Host: 789-gem.fun
URL: https://789-gem.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 P6603bca98a95a8.67175147.webp
in.flowercorner.vn/uploads/ 75 KB
75 KB 1058ms
1051ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P6603bca98a95a8.67175147.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ef3c6455ffdd0fe55ec8e25d3eb95c6ce3c114902a3510b5ec754a36e440bef8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
last-modified: Wed, 27 Mar 2024 06:28:57 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 76364
expires: Sun, 28 Apr 2024 11:19:27 GMT

GET
H2 200 P657fd247737038.75342862.webp
in.flowercorner.vn/uploads/ 54 KB
55 KB 1097ms
1091ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P657fd247737038.75342862.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bd6cc5b1724e814ff91cff68bb7c626e9142daa21a0f4b097df01fe9e1bc7cbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
last-modified: Mon, 18 Dec 2023 05:01:59 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55740
expires: Sun, 28 Apr 2024 11:19:27 GMT

GET
H2 200 P649ea8ef2ed4f0.09844576.webp
in.flowercorner.vn/uploads/ 66 KB
66 KB 1097ms
1091ms Image
image/webp 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in.flowercorner.vn/uploads/P649ea8ef2ed4f0.09844576.webp
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2dfdea477cc43859a507b094f937cacc6d8e2d59734036987b4d7fffdfe698ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
last-modified: Fri, 30 Jun 2023 10:05:35 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 67322
expires: Sun, 28 Apr 2024 11:19:27 GMT

GET
H2 200 api Show response
in.flowercorner.vn/ 9 KB
9 KB 407ms
404ms XHR
application/json 45.252.249.22
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://in.flowercorner.vn/api?cmd=ship_districts&v=1713698365615
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: df3d4ecb22a7a2ba43f7f6b889c40a913c9008b36de209858cb1e3b04886640f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: */*
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 21 Apr 2024 11:19:27 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: application/json, charset=utf-8

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 021E 0
0 39ms
38ms Document
text/html 95.100.146.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://789-gem.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2614
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Apr 2024 11:19:26 GMT
Vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 14 KB
5 KB 177ms
177ms Script
application/javascript 95.100.146.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=6528d6a0-f676-4004-8cb4-755c5a20c70b&version=8b4136637a184fd9fc32b59b8d4ec45a_55408e22f585002dd0e9f6e0a455502d&language=vi&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 12a42921308f5d75b2fe1e35d3d47472ab271c377949524108821c3a94ab49db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:27 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=599
content-length: 4808
expires: Sun, 21 Apr 2024 11:29:26 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
0 0ms
0ms Script
application/javascript 2.16.1.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hGB_dnGxhI.cRiBpFcDBN2hZl1sbmT4E
content-encoding: br
date: Sun, 21 Apr 2024 11:19:25 GMT
last-modified: Thu, 11 Apr 2024 12:55:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"fd2c2a1cfef58ec68842695fc4040836"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: 2p6uCav9uRHTYG5DR54n-qTTJdqm_DhY3D1uHy-uFNv4w-VI1o5d7Q==
content-length: 27319
expires: Sun, 21 Apr 2024 19:19:25 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
0 1ms
0ms Script
application/javascript 2.16.1.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hGB_dnGxhI.cRiBpFcDBN2hZl1sbmT4E
content-encoding: br
date: Sun, 21 Apr 2024 11:19:25 GMT
last-modified: Thu, 11 Apr 2024 12:55:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"fd2c2a1cfef58ec68842695fc4040836"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: 2p6uCav9uRHTYG5DR54n-qTTJdqm_DhY3D1uHy-uFNv4w-VI1o5d7Q==
content-length: 27319
expires: Sun, 21 Apr 2024 19:19:25 GMT

GET
H2 404 Logo-icon.png
789-gem.fun/image/catalog/1_dienhoa/app/ 555 B
244 B 167ms
166ms Other
text/html 34.32.135.56
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://789-gem.fun/image/catalog/1_dienhoa/app/Logo-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 56.135.32.34.bc.googleusercontent.com
Software: railway /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://789-gem.fun/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 11:19:37 GMT
content-encoding: gzip
server: railway
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 05:37:38	Name: __lc_cid Value: 15ff7cf6-9884-4268-b542-c7efa9ead125
.accounts.livechatinc.com/v2/customer/token	1970-01-21 05:37:38	Name: __lc_cst Value: dbe8db4ef69aecb6919316249d089ecc3d229ba718c16ff3f9543011fa6dcd718f1be188cbcce4ff054155d2c05263e84da581920563246dc6d9b1a7ec08
.accounts.livechatinc.com/customer/token	1970-01-21 05:37:38	Name: __lc_cid Value: 15ff7cf6-9884-4268-b542-c7efa9ead125
.accounts.livechatinc.com/customer/token	1970-01-21 05:37:38	Name: __lc_cst Value: dbe8db4ef69aecb6919316249d089ecc3d229ba718c16ff3f9543011fa6dcd718f1be188cbcce4ff054155d2c05263e84da581920563246dc6d9b1a7ec08
.doubleclick.net/	1970-01-20 20:01:39	Name: test_cookie Value: CheckForPermission
.789-gem.fun/	1970-01-20 22:11:14	Name: _fbp Value: fb.1.1713698365914.835020596
.789-gem.fun/	1970-01-20 20:03:04	Name: _gid Value: GA1.2.67555004.1713698366
.789-gem.fun/	1970-01-20 20:01:38	Name: _gat_gtag_UA_114815169_1 Value: 1
.789-gem.fun/	1970-01-20 22:11:14	Name: _gcl_au Value: 1.1.1780106254.1713698366
.789-gem.fun/	1970-01-21 05:37:38	Name: _ga_00CB3CS7J3 Value: GS1.1.1713698366.1.0.1713698366.60.0.0
.789-gem.fun/	1970-01-21 05:37:38	Name: _ga Value: GA1.1.372456838.1713698366
accounts.livechatinc.com/	1970-01-20 20:01:38	Name: __oauth_redirect_detector Value: counter=1&t=1713698397&tag=707df70212d0567250e0506c71d52792cedae7bf

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: https://789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/all.min.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://789-gem.fun/(Line 17096) Message: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
network	error	URL: https://789-gem.fun/image/catalog/1px.webp Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://789-gem.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=789-gem.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://789-gem.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	Message: Refused to frame 'https://www.facebook.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.flowercorner.vn".
other	warning	URL: https://789-gem.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://789-gem.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://789-gem.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://789-gem.fun/image/catalog/1_dienhoa/app/Logo-icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

789-gem.fun
8384f55340.vws.vegacdn.vn
api.livechatinc.com
cdn.livechatinc.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.flowercorner.vn
invalid
region1.analytics.google.com
secure.livechatinc.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.flowercorner.vn
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
invalid
123.30.168.3
142.250.185.227
142.250.185.228
142.250.186.34
157.240.251.35
157.240.251.9
172.67.153.247
2.16.1.171
2001:4860:4802:32::36
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.32.135.56
45.252.249.22
95.100.146.11
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
0293bd5e66bfda80430f1ef4eb6932b88ef633a0d8523e7b1723746c86dafe07
06be1bd779e10e41315e30f09e8e0c6d0ce8f37b17ba52e6eb1e8f389d3e6af1
072fa06ddc6efa28aa8dc08dec552f6834754d4f7c04aa2df030fa3d440f30a2
093688ee5c06dad8e50103f42e27ffc6d48db349e8d6fb0c41f7faf9b770df1d
0a241c8865e72108440c1248d63413892f4ad4b3bdcbc7c359470c541121325e
0cdaa97163f3d90373301d5e4b1d7559843d9b51b354315456617ba36b1aec51
10013c228eaee5668b4e22b957a6b21293ef75efdb01d24649d15d7a86da4767
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12a42921308f5d75b2fe1e35d3d47472ab271c377949524108821c3a94ab49db
12a9a719904f444b40a9ec19738cdd741e18b333da3387829706fea52b48eaf6
12e9259eae3b89abe60c684a128e52b0a9ad1b1fa441df5e739d3104ff67a8d8
166d2f5778b97caad2d88b934a458a48af343b7ed57eafd3cd87de7e0628e333
1941cc51026d049e556ae00e9b22d97b9e1b68700898a3844bc066330fd38b5c
1a2adb0771797d7bfdb840264f07384d5ead28ef8509d387d5c4f2edccda6098
23ac568e583679eec9fa3aec83a181e21d567665051a9cdfbce2cbd6781714ea
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
284a99afd88b68137689930b5b6ff64441d7e1870585b18e398490d728ae8b9d
2dfdea477cc43859a507b094f937cacc6d8e2d59734036987b4d7fffdfe698ca
318a14bddf5007e7384f02a81088018998ade4099de55fec7f96061b95b06af0
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
3b653ad61a8273671489cf213e3ba71ca2f181a510eea9d3caea8158fa508c23
4774986c30463795c74679d9588d166f093c8e504949fdd6e6d56a614d40e9b0
4ec01f8b2dd5b78453bccde326e99be8648e0f1a2efc52065cfa6e9c02408684
548796c77dd625c5174c52321794eb4622857d33c26e291c2b8565f2f7fd7758
549336179e4291b294b24280796e099b7e0acd19daca629ec31825bff1c31f15
568c425a78e97af7500aa7f6bf4f94f9aec919b7b421415815b262416da5cb8f
5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68
6b32851c632602843aa7dd7155d58e01e1c4b8171091654935d372d40597eb02
6c02facae6c4c4fd7b11f0ba816de38697677188975a34814c8d3ea83453b986
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
7164be079265dbcb4a39f60cb19532b96ec6566cfc494899274f4b2294a48dd9
8139910cdcb2b3cec9dbaf90e3a6ac168d318f682ab4a4a0d6c0039d1db5e1d5
842d0ed31a68e96bdbac3197fc6a7b80510e9a3458d7b93834daa669fca82c55
8d778d42f996b6d85cbc3174d1ff7f2d8dca8385098c97436ed78ac6ba263029
92f7f08f65b75210a6f05aef12b44c4e3233eb11ec3124664d87471927e439f8
ac875f410404cd36004d305386f93b0644016fddac904c6fd60d7111c1b09873
af07a0fd37f370b62cc9b2a5c133c4f2d1badcc4cc7064789f921d53818916e7
af13ccc06ae9ac590cfc0c2b6792b154ad52bb7694c4d724a1be7ecb4690672e
af6baad208c2f71deb4ef32eddcb375ff553e63ba5470c7b402a8d73beb43d4f
af7605042e7636d1d95ea22a681396f600af58b0f053d9b86d5eb13bfdcccc59
b0c63285e9edac467a023da3a35fdf8fd213c15f48389e96d7465f223d5b7b61
b7bc302eaca322c092746cf1db329edb28623726f16a707e76c5a20fbeed43d5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd6cc5b1724e814ff91cff68bb7c626e9142daa21a0f4b097df01fe9e1bc7cbb
c090de5081dce4399c25cf9bc5014e301a446a6020595b0ea98f044eb05da230
c52667818d3caf10a9349e878dec0c327790762beae62ef22d26a556a0f7a5a8
c69ce120a7308882f6fc6de703f01eeb43965fbb1cf8ba1fe7c697eb88758006
c879ea846d96ee977e20a3289a154e28539fce8bbb1fa5508de5ab82242675d6
da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5
da3cd37471aa68924a0d0baceb8cc06c3d5a96a4132c3d6d1e468e24cb78272f
dd32fac27277a59e77fc030db5706270ebd0ac5f438d08f9a558d28c962e5e5a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3d4ecb22a7a2ba43f7f6b889c40a913c9008b36de209858cb1e3b04886640f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c6455ffdd0fe55ec8e25d3eb95c6ce3c114902a3510b5ec754a36e440bef8
f2e3de6b5975c4a925aec488912ada87d36d40e76e0a072ad17d94990a31690f
f3cf86a01a96be90aa06683a066b9d62325534e7d9c86edbff46e8b7d58491a5

789-gem.fun Open in urlscan Pro 34.32.135.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

82 %HTTPS

50 %IPv6

14 Domains

21 Subdomains

23 IPs

6 Countries

3382 kBTransfer

6266 kBSize

12 Cookies

66 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

789-gem.fun Open in urlscan Pro
34.32.135.56 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

82 %
HTTPS

50 %
IPv6

14
Domains

21
Subdomains

23
IPs

6
Countries

3382 kB
Transfer

6266 kB
Size

12
Cookies

95 HTTP transactions
0 data transactions