URL: https://789-gem.fun/
Submission: On April 21 via api from US — Scanned from NL

Summary

This website contacted 23 IPs in 6 countries across 14 domains to perform 95 HTTP transactions. The main IP is 34.32.135.56, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 789-gem.fun.
TLS certificate: Issued by R3 on April 21st 2024. Valid for: 3 months.
This is the only time 789-gem.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.32.135.56 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
3 2.16.1.171 20940 (AKAMAI-ASN1)
1 172.67.153.247 13335 (CLOUDFLAR...)
11 45.252.249.22 63760 (AZDIGI-AS...)
20 123.30.168.3 45899 (VNPT-AS-V...)
5 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.228 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 157.240.251.35 32934 (FACEBOOK)
5 95.100.146.11 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
95 23
Requests | Apex Domain | Subdomains | Transfer
20 | vegacdn.vn | 8384f55340.vws.vegacdn.vn | 2 MB
12 | flowercorner.vn | www.flowercorner.vn, in.flowercorner.vn | 300 KB
8 | livechatinc.com | cdn.livechatinc.com (Cisco Umbrella Rank: 5681), secure.livechatinc.com (Cisco Umbrella Rank: 6387), api.livechatinc.com (Cisco Umbrella Rank: 5191) | 34 KB
7 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 500 KB
5 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 97) | 274 B
4 | google.com | www.google.com (Cisco Umbrella Rank: 2), region1.analytics.google.com (Cisco Umbrella Rank: 2941) | 1 KB
4 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 36), td.doubleclick.net (Cisco Umbrella Rank: 456), stats.g.doubleclick.net (Cisco Umbrella Rank: 84) | 2 KB
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 334 KB
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 177 KB
4 | 789-gem.fun | 789-gem.fun | 347 KB
3 | google.nl | www.google.nl (Cisco Umbrella Rank: 10513) | 625 B
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 31) | 21 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33) | 1 KB
0 Failed
95 14
Domain Requested by
20 8384f55340.vws.vegacdn.vn 789-gem.fun
11 in.flowercorner.vn 789-gem.fun
5 www.facebook.com 789-gem.fun
5 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com 789-gem.fun
4 connect.facebook.net 789-gem.fun
connect.facebook.net
4 789-gem.fun 789-gem.fun
3 api.livechatinc.com cdn.livechatinc.com
3 www.google.nl 789-gem.fun
3 www.google.com 789-gem.fun
3 cdn.livechatinc.com 789-gem.fun
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 secure.livechatinc.com 789-gem.fun
cdn.livechatinc.com
2 www.google-analytics.com 789-gem.fun
www.google-analytics.com
2 www.gstatic.com 789-gem.fun
www.google.com
1 region1.analytics.google.com www.googletagmanager.com
1 td.doubleclick.net 789-gem.fun
1 www.flowercorner.vn 789-gem.fun
1 googleads.g.doubleclick.net 789-gem.fun
1 fonts.googleapis.com 789-gem.fun
0 invalid Failed 789-gem.fun
95 21
Subject | Issuer | Validity | Valid
789-gem.fun | R3 | 2024-04-21 - 2024-07-20 | 3 months crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-29 - 2024-04-28 | 3 months crt.sh
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-31 - 2025-01-31 | a year crt.sh
flowercorner.vn | E1 | 2024-04-20 - 2024-07-19 | 3 months crt.sh
www.flowercorner.vn | R3 | 2024-03-29 - 2024-06-27 | 3 months crt.sh
*.vws.vegacdn.vn | AlphaSSL CA - SHA256 - G4 | 2023-04-14 - 2024-05-15 | a year crt.sh
*.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
*.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh
*.google.nl | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months crt.sh

This page contains 8 frames:

Primary Page: https://789-gem.fun/
Frame ID: 030903746AEC8B8929B3F487536A5249
Requests: 88 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/817395020?random=1713588583203&cv=11&fst=1713588583203&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1
Frame ID: FC139194C2F7FD18BAA9DFB16D74E72B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd55442060b614b%26domain%3Dwww.flowercorner.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.flowercorner.vn%252Ff17d5e73188bf3ee9%26relation%3Dparent.parent&container_width=903&current_url=https%3A%2F%2Fwww.flowercorner.vn%2F&is_loaded_by_facade=true&local_state=%7B%22v%22%3A2%2C%22path%22%3A2%2C%22chatState%22%3A1%2C%22visibility%22%3A%22hidden%22%2C%22showUpgradePrompt%22%3A%22not_shown%22%2C%22greetingVisibility%22%3A%22hidden%22%7D&locale=vi_VN&log_id=2488d29d-ec5f-4e44-992d-b67c306f548a&page_id=411745402577295&request_time=1713588596125&sdk=joey
Frame ID: 2513E5A51FDEE433B62DCDA8A3D7B275
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 96F3EEA1C257600E69A2CDAEB6B71FF3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 0388CCA8C3A9157D2201FFCE369ABA85
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 663C445D60DAED74019C4A5326B46F69
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 44210C09FE24A83CEC331924AF91C8A5
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 021EB01C415CDE5A1648159C248BC286
Requests: 1 HTTP requests in this frame

Page Title

Shop hoa tươi FlowerCorner: Đặt Hoa Online Giao Miễn Phí Chỉ Từ 300K

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

95 Requests
82 % HTTPS
50 % IPv6
14 Domains
21 Subdomains
23 IPs
6 Countries
3382 kB Transfer
6266 kB Size
12 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
789-gem.fun/
1 MB
346 KB
Document
General
Full URL
https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
c69ce120a7308882f6fc6de703f01eeb43965fbb1cf8ba1fe7c697eb88758006

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 21 Apr 2024 11:19:24 GMT
etag
W/"6624c09b-135025"
last-modified
Sun, 21 Apr 2024 07:30:35 GMT
server
railway
xfbml.customerchat.js
connect.facebook.net/vi_VN/sdk/
314 KB
91 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd32fac27277a59e77fc030db5706270ebd0ac5f438d08f9a558d28c962e5e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Apr 2024 11:19:24 GMT
content-md5
acauxSjXDj5zjqiKtziWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
91481
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=12, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug
iWo64K7Wuhjhs5fIvZiMgBMoP43sb1kQbmYHEMBb2hWEkwM4HvKEIraL6VkrVgbZGlo6S4ogcVAgXDpe8vrvJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
19515a4354bc0d19cd9bde1bac79dc60
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"3a555cdbc8dd46e87688d486d0448c60"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 21 Apr 2024 11:32:00 GMT
recaptcha__vi.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/
508 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__vi.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e3de6b5975c4a925aec488912ada87d36d40e76e0a072ad17d94990a31690f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 00:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205201
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Apr 2025 00:21:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Apr 2024 09:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6003
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 21 Apr 2024 11:39:22 GMT
js
www.googletagmanager.com/gtag/
195 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114815169-1&l=dataLayer&cx=c
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ec01f8b2dd5b78453bccde326e99be8648e0f1a2efc52065cfa6e9c02408684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Apr 2024 11:19:25 GMT
241208466550208
connect.facebook.net/signals/config/
68 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=www.flowercorner.vn&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d778d42f996b6d85cbc3174d1ff7f2d8dca8385098c97436ed78ac6ba263029
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Apr 2024 11:19:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=8, c=44, mss=1294, tbw=96521, tp=-1, tpl=-1, uplat=152, ullat=0
pragma
public
x-fb-debug
fQTgY5+ktWCyh8fRtLOD/phM+SNIxZY4gnZlc+YFPRcb7hNeBTn27/8rRJa7d/5c2th7Bgc8+1KgFoAPmiMYIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Apr 2024 11:19:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=38, mss=1232, tbw=4316, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
xeAHR7MvmAjEvaTA03hAgicMiXKxqDLNQ0tEqT5xnh+963qGTMDZ77yKCPPAZiuEwu6xpES78B+8Q1VogTmX2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
destination
www.googletagmanager.com/gtag/
220 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-817395020&l=dataLayer&cx=c
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12e9259eae3b89abe60c684a128e52b0a9ad1b1fa441df5e739d3104ff67a8d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80656
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Apr 2024 11:19:25 GMT
js
www.googletagmanager.com/gtag/
297 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c02facae6c4c4fd7b11f0ba816de38697677188975a34814c8d3ea83453b986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101109
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Apr 2024 11:19:25 GMT
/
invalid/
0
0

gtm.js
www.googletagmanager.com/
243 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ6PJ3GS
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c52667818d3caf10a9349e878dec0c327790762beae62ef22d26a556a0f7a5a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87624
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Apr 2024 11:19:25 GMT
all.min.css
789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/
0
0
Stylesheet
General
Full URL
https://789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/all.min.css
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
gzip
server
railway
content-type
text/html
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0293bd5e66bfda80430f1ef4eb6932b88ef633a0d8523e7b1723746c86dafe07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 11:19:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 11:19:25 GMT
/
invalid/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/817395020/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/817395020/?random=1713588583203&cv=11&fst=1713588583203&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0cdaa97163f3d90373301d5e4b1d7559843d9b51b354315456617ba36b1aec51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1369
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hGB_dnGxhI.cRiBpFcDBN2hZl1sbmT4E
content-encoding
br
date
Sun, 21 Apr 2024 11:19:25 GMT
last-modified
Thu, 11 Apr 2024 12:55:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"fd2c2a1cfef58ec68842695fc4040836"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
2p6uCav9uRHTYG5DR54n-qTTJdqm_DhY3D1uHy-uFNv4w-VI1o5d7Q==
content-length
27319
expires
Sun, 21 Apr 2024 19:19:25 GMT
shop-hoa-tuoi-flowercorner-logo.png.webp
www.flowercorner.vn/image/catalog/common/
7 KB
7 KB
Image
General
Full URL
https://www.flowercorner.vn/image/catalog/common/shop-hoa-tuoi-flowercorner-logo.png.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166d2f5778b97caad2d88b934a458a48af343b7ed57eafd3cd87de7e0628e333
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247125
alt-svc
h3=":443"; ma=86400
content-length
6864
referrer-policy
no-referrer
last-modified
Fri, 18 Aug 2023 18:49:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgKH1XPSHhLtTkeXK3AE8BD8zOHtYeFKXrF%2B4I9Cc%2FbYVacOBvdYLKHAHmEkiTUkLqpqhHfmifs1fCncuzB2wDPDMJzKdW16tbrQK%2F9BF3IndydM11J%2Bb%2BhUzL6dZd9WTc8KL77p"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
877cfaa1debbb987-AMS
expires
Thu, 25 Apr 2024 14:40:40 GMT
P6603bc94606273.86371461.webp
in.flowercorner.vn/uploads/
29 KB
29 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P6603bc94606273.86371461.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
093688ee5c06dad8e50103f42e27ffc6d48db349e8d6fb0c41f7faf9b770df1d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:26 GMT
last-modified
Wed, 27 Mar 2024 06:28:36 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29876
expires
Sun, 28 Apr 2024 11:19:26 GMT
P657fd22ae76098.00568485.webp
in.flowercorner.vn/uploads/
27 KB
28 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P657fd22ae76098.00568485.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
12a9a719904f444b40a9ec19738cdd741e18b333da3387829706fea52b48eaf6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:26 GMT
last-modified
Mon, 18 Dec 2023 05:01:31 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
28070
expires
Sun, 28 Apr 2024 11:19:26 GMT
P649eaaa2d52659.21834674.webp
in.flowercorner.vn/uploads/
29 KB
29 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P649eaaa2d52659.21834674.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
548796c77dd625c5174c52321794eb4622857d33c26e291c2b8565f2f7fd7758

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:26 GMT
last-modified
Fri, 30 Jun 2023 10:12:50 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29814
expires
Sun, 28 Apr 2024 11:19:26 GMT
bo-hoa-endless-love.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
52 KB
52 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-endless-love.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
0a241c8865e72108440c1248d63413892f4ad4b3bdcbc7c359470c541121325e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
399847
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
52766
x-cached
HIT
referrer-policy
no-referrer
last-modified
Sat, 25 Nov 2023 18:35:38 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4ZScAtl75TAGhMZYXYgINwFtFHzXkP%2B05uIXpgEVuFHUaCO4QZoDyaA9TXE1AWq4KEjix41kt61x4o08zjh%2Blud5S4%2BdTRd2%2F2ZwAYGr5NLSD6ZHFMY5z71Rb0OvWCHSTAjPaQ5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87099d211bd2850e-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-hong-dieu-ngot-ngao-nhat.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
82 KB
83 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-dieu-ngot-ngao-nhat.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
92f7f08f65b75210a6f05aef12b44c4e3233eb11ec3124664d87471927e439f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3101
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
84216
x-cached
HIT
referrer-policy
no-referrer
last-modified
Sat, 25 Nov 2023 19:35:20 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FS%2B741ZhKl2D04XtugXgtH3oQyzo%2F2CBUrCpfFBpozm1hQ5HUdALhNLknlcy27qGMRbidK8pJIl7O4QbrXeWlluceXuV8%2FkymNcg5roTcb27ZABJDlA3275e7Rf3R5maDjb%2FtfZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875891b32cd10f10-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-hong-dau-fairy-tale.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
92 KB
93 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-dau-fairy-tale.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
4774986c30463795c74679d9588d166f093c8e504949fdd6e6d56a614d40e9b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83726
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
93938
x-cached
HIT
referrer-policy
no-referrer
last-modified
Fri, 19 Jan 2024 04:00:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GG3DBxS2rmok7eOfCFdXQGVQUVGWJqjG6%2BBfu21oGqDFGKQHqBttsAp%2B%2BIYdi1fwxW031B4WJEstQk%2BifaJqFwIiphHWIIzDRs%2FR5KSagUndNrlUhXP2sQUk%2FST1RFDn2rPi5FJb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
876003375f9a0eb8-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-hong-do-gio-thu.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
69 KB
69 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-do-gio-thu.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
da3cd37471aa68924a0d0baceb8cc06c3d5a96a4132c3d6d1e468e24cb78272f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46584
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
70246
x-cached
HIT
referrer-policy
no-referrer
last-modified
Sat, 25 Nov 2023 20:50:02 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdJswUd9v2LljA8f2zUkm7bwet6KtQgAB98DbWx%2BZQS4GAYnosgsAwcOWLR%2FNaHcpxC2GQQVqVyhv7Ch7M9ZVtzr6djtrVyhqPplLCV90LjzbtoIgmzEqnb3LfhgnvZCDMgFoXtB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86e8eb2d2e0d6e58-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-cuc-tana-little-tana.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
87 KB
88 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-cuc-tana-little-tana.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
8139910cdcb2b3cec9dbaf90e3a6ac168d318f682ab4a4a0d6c0039d1db5e1d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95424
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
89020
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 02 Jan 2024 09:30:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vlrdm0L2fNY1U30rr6HBGz4Q%2FTPj4AWhuFw93tJcDkfZ9ahMa8sfWyC2Q7J09v7tAgAYIE7DXuMw6ET8LGWtdyrzO6qyA27WVrHbDOEo6QruSDVOVF63PMjAfV06QGtzqILhMDxE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87099d9de891716a-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-your-day.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
85 KB
86 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-your-day.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
af6baad208c2f71deb4ef32eddcb375ff553e63ba5470c7b402a8d73beb43d4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38507
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
87132
x-cached
HIT
referrer-policy
no-referrer
last-modified
Sat, 25 Nov 2023 18:36:49 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkoZeCPiUm8Fv%2BYBz4pA5W3PAxAYrU%2BRyDKafgMEZ3oMK5arBDBpkofVNk%2FiPQbS6TJ5NHx0f7up5vry00XcLCq5k%2Flwb6wV%2B6ipCrhm82t%2FFqfahGJ7Y4shTxHiuENEVPGgacpf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86e8f46ffd506e5d-HKG
expires
Mon, 21 Apr 2025 11:19:27 GMT
bo-hoa-baby-xanh-mat-xanh-2.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
117 KB
118 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-baby-xanh-mat-xanh-2.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
842d0ed31a68e96bdbac3197fc6a7b80510e9a3458d7b93834daa669fca82c55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
276635
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
119504
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 09 Jan 2024 10:45:03 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ch8FkSXaTQgJTpYZFoTYD98WasFLF3Oi9JE3FJQfM54hZf9JNDPIN8hHdvFRkeQsZFmA4%2BVOJMztc8zZs%2Fn%2BbV72trvlSlbjLJBs0XUcMrtXRYWdnxBJJkgrdLrqqD2AsaPfmTjw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86fde18e0e70849a-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-hong-pastel-khoe-sac.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
95 KB
96 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-pastel-khoe-sac.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
072fa06ddc6efa28aa8dc08dec552f6834754d4f7c04aa2df030fa3d440f30a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5848
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
97566
x-cached
HIT
referrer-policy
no-referrer
last-modified
Fri, 19 Jan 2024 04:00:09 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPgZbE136KLcSgw4vVD2C97PJR3vLnC1zIQUJVWVdJEK03UeoVcGqvROZpypsGk6zzPA5dP8N%2F5vX9hi4f8GMBXhJaaZo7RQhicbxmZQWVH%2BI5uUhNHeXti1bX007gI%2BBRseucHl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8758ff42ad3a853c-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-thach-thao-trang-thanh-tu.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
89 KB
90 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-thach-thao-trang-thanh-tu.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
b0c63285e9edac467a023da3a35fdf8fd213c15f48389e96d7465f223d5b7b61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5585
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
91152
x-cached
HIT
referrer-policy
no-referrer
last-modified
Thu, 28 Dec 2023 09:00:05 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTRfUFsLJqPrvrwCbTRP6Qmf4qdlCEytpMtkIxwvp7anawAmgTvkUIWmq7%2FypELpasl0AdNo%2B2T3il4a1LfiDhwpmn9%2FbD3A20YhuLfH6n2wiET48Zsgx2Lj%2FTpBi41fCKU2ELsy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8758ff680acb8524-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-baby-hong-pink-moon.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202022/
69 KB
69 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202022/bo-hoa-baby-hong-pink-moon.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
318a14bddf5007e7384f02a81088018998ade4099de55fec7f96061b95b06af0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334967
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
70292
x-cached
HIT
referrer-policy
no-referrer
last-modified
Sat, 25 Nov 2023 18:45:02 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1WOcehwAVUvOQWgsslAriUw%2F%2B136s2Ps%2BXF6jl82gpyqF8auclA%2BwyQR%2BNzW%2BIPVXK3wnmbPoDSQ%2Ba7Jywj89maQGWyduaupBp69P6IgTSiiJ8t2kTse2Ff8iQLTh2OppXb7uJe"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87786949db721fc2-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
khuc-tinh-ca.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
69 KB
69 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/khuc-tinh-ca.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
ac875f410404cd36004d305386f93b0644016fddac904c6fd60d7111c1b09873
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222167
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
70164
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 02 Apr 2024 11:30:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8PZqNMRk9cFwddCJp5nu5%2FKqpElyWJV9CFLAsAFfkHwmE1ngqhLck%2BKxhS%2BA8wQ6dX8cbB8eST3KDacmm%2FX1X%2BRlTA8fx9fb%2FuEj1YFlfONZDm3VirndXkNEFT2yRu59OqN1dhs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
876d58c73c048524-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
nu-cuoi-em.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
89 KB
89 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/nu-cuoi-em.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
1941cc51026d049e556ae00e9b22d97b9e1b68700898a3844bc066330fd38b5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438899
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
90740
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 02 Apr 2024 11:30:07 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVjyEegaKC0ZlnFOu63xvf%2BC2O3IytB4xSpcaus57RrONXGmLqPYv%2FlnGLdy71Ckw3WuoXkb%2B7OUztubugy81RoNpGoWsnFNeWSefHEYgUOB0qBDNvTOAQVTAS4wQBWfcp3WwXHM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8747bf1da8041089-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-cuc-tana-chamomile.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
96 KB
96 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-cuc-tana-chamomile.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
f3cf86a01a96be90aa06683a066b9d62325534e7d9c86edbff46e8b7d58491a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64035
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
97978
x-cached
HIT
referrer-policy
no-referrer
last-modified
Fri, 29 Dec 2023 05:00:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SFxUC%2FsfU7DvRVGzTAUgjNu0KNJ0ap%2F5GKYGLKbQAw0xORVZp2qtnuQZQo5jOqKUyyvEQ51kPl16AR06ny6youJ1Y61qg8rcmc1M6FfCFz8%2BQWa7H3cVYk%2BqHQnBNjt6Y%2FDXDKhU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86ea1a48cdbe8475-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-hong-yeu-tham.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
121 KB
122 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-yeu-tham.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
c879ea846d96ee977e20a3289a154e28539fce8bbb1fa5508de5ab82242675d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69951
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
123786
x-cached
HIT
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:15:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9gIwou9xO%2Bi3lg852zumQO7d%2FMawoY7amnikESqxh459yP3MTeJgoe6zwqEknNj3PgLgK6o2%2B5d7plosXp1BnxkFvH7%2BJi7mGid0pWCxsCOv9hXqNET2G6KLIR8R56bNfjjxkrw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ffed258b204be-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-hong-cam-free-spirit-02.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
114 KB
115 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-cam-free-spirit-02.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
06be1bd779e10e41315e30f09e8e0c6d0ce8f37b17ba52e6eb1e8f389d3e6af1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93675
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
117126
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 06 Feb 2024 03:40:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chwhb2L4YwK7J3S4dbjOh5siDXh6QL%2F3D8xKzCOxWQzMuITagt%2BBGMPc3Nv3D7DX5RBVuZAzzXzvP2eDSl9ARfbOTgnUsHFO42UMklqBsr%2B%2BnuRmdaehNxyIiVe4ienj8qDqL46p"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
876128cddfea1108-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-hong-cam-free-spirit.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
106 KB
107 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-hong-cam-free-spirit.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
af7605042e7636d1d95ea22a681396f600af58b0f053d9b86d5eb13bfdcccc59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91153
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
108302
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 06 Feb 2024 04:05:03 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BkMEC8t%2B5qC96Q7vvXCKHc9WH2XDLeKvUwjJAUM7iwqc%2BHyrgY7DTgjVwFyFa6S%2FDlO84R6E4Sp04JJexVdWvKpp411IKn0YzPg34D%2F3nkCbVvWzL8L1IqjRwEb9RHK%2FwzWwD7C"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
876128ce1d221079-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-forever-young.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
81 KB
81 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-forever-young.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
10013c228eaee5668b4e22b957a6b21293ef75efdb01d24649d15d7a86da4767
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60974
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
82576
x-cached
HIT
referrer-policy
no-referrer
last-modified
Wed, 24 Jan 2024 10:00:03 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhADF4XqouzG6qbE62tvS2fRxiFpWlrDZ5q9FeSdaTMwB%2FigorUSwZOHbJsb%2FQqlKx8Nt7DU8wAgSWJFQRiOMTYpB7qHN3vqht%2BXKdhbwDGdhhAURxFB0JZ8ofayWC3sP7nBlzCr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86ea1a625ad2079b-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
giac-mo-nho-be.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/Spring%202024/
54 KB
55 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/Spring%202024/giac-mo-nho-be.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
23ac568e583679eec9fa3aec83a181e21d567665051a9cdfbce2cbd6781714ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65825
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
55534
x-cached
HIT
referrer-policy
no-referrer
last-modified
Tue, 27 Feb 2024 02:10:04 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hshsKHQ9dGho%2FYmxR1tvsSHuAOpytyUiVf6dsm2a1lwu9oHZtTGypf8dw%2FEqtLPpshtUXxUtfeK1AdeT0KfMDqFqVV%2BCt5jS%2FYjQVtT8Qp9pjYWulkcwbcByTz3F6ceNZprh4b0W"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86ea1a622d99857f-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-dong-tien-hong-001.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
41 KB
42 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-dong-tien-hong-001.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
af07a0fd37f370b62cc9b2a5c133c4f2d1badcc4cc7064789f921d53818916e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251526
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
41828
x-cached
HIT
referrer-policy
no-referrer
last-modified
Mon, 05 Feb 2024 11:15:03 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhRJlOtkDo%2B9l31Wx7xoJ6dTw0DanbCuFXN%2BzNWKp%2Bfrsh%2FGcZu3D%2FUDRF742mJhl2hkmMATqa5k82NIXsQWnmFJQufKlF7zGalIhSp4uFKlLBkY518RoGlZW%2BlKykijsNFeEasD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
877217177b5c8494-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
bo-hoa-cam-chuong-trang.jpg.webp
8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/
43 KB
44 KB
Image
General
Full URL
https://8384f55340.vws.vegacdn.vn/image/cache/catalog/products/August%202023/bo-hoa-cam-chuong-trang.jpg.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.30.168.3 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
7164be079265dbcb4a39f60cb19532b96ec6566cfc494899274f4b2294a48dd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221
geoip_country_code
NL
alt-svc
h3=":443"; ma=86400
content-length
44250
x-cached
HIT
referrer-policy
no-referrer
last-modified
Mon, 05 Feb 2024 11:40:03 GMT
server
nginx
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MbyqDCA0p7Nzr9qdrWWF6stE9SaBiuYlM7LAM17%2BJ57MTOjdJECff2Mb4qG15%2BSMI3nKgEpePaO%2F9e088OU6fXEDhHNP%2BHK6h9N%2Bcsa3l6I46PgNp%2BV%2FhQdRNajRSUQbWhYBtmp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8758ffb14aee8475-HKG
expires
Mon, 21 Apr 2025 11:19:28 GMT
1px.webp
789-gem.fun/image/catalog/
555 B
555 B
Image
General
Full URL
https://789-gem.fun/image/catalog/1px.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:25 GMT
content-encoding
gzip
server
railway
content-type
text/html
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 17:34:04 GMT
x-content-type-options
nosniff
age
495921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 17:34:04 GMT
JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v26/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 23:37:10 GMT
x-content-type-options
nosniff
age
128535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15396
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 23:37:10 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 14:41:23 GMT
x-content-type-options
nosniff
age
247082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Apr 2025 14:41:23 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 03:13:36 GMT
x-content-type-options
nosniff
age
461149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 03:13:36 GMT
api.js
www.google.com/recaptcha/
1 KB
855 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
284a99afd88b68137689930b5b6ff64441d7e1870585b18e398490d728ae8b9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 21 Apr 2024 11:19:26 GMT
817395020
td.doubleclick.net/td/rul/ Frame FC13
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/817395020?random=1713588583203&cv=11&fst=1713588583203&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&hn=www.googleadservices.com&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&pscdl=noapi&auid=1146950975.1713581530&uaa=&uab=64&uafvl=Chromium%3B118.0.5993.117%7CGoogle%2520Chrome%3B118.0.5993.117%7CNot%253DA%253FBrand%3B99.0.0.0&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Apr 2024 11:19:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXZ0poK5.woff2
fonts.gstatic.com/s/montserrat/v26/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXZ0poK5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
549336179e4291b294b24280796e099b7e0acd19daca629ec31825bff1c31f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 18:41:40 GMT
x-content-type-options
nosniff
age
59865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13820
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 18:41:40 GMT
customerchat.php
www.facebook.com/v12.0/plugins/ Frame 2513
0
0
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd55442060b614b%26domain%3Dwww.flowercorner.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.flowercorner.vn%252Ff17d5e73188bf3ee9%26relation%3Dparent.parent&container_width=903&current_url=https%3A%2F%2Fwww.flowercorner.vn%2F&is_loaded_by_facade=true&local_state=%7B%22v%22%3A2%2C%22path%22%3A2%2C%22chatState%22%3A1%2C%22visibility%22%3A%22hidden%22%2C%22showUpgradePrompt%22%3A%22not_shown%22%2C%22greetingVisibility%22%3A%22hidden%22%7D&locale=vi_VN&log_id=2488d29d-ec5f-4e44-992d-b67c306f548a&page_id=411745402577295&request_time=1713588596125&sdk=joey
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.flowercorner.vn; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
frame-ancestors https://www.flowercorner.vn; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Apr 2024 11:19:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=21, mss=1294, tbw=14913, tp=-1, tpl=-1, uplat=236, ullat=1
x-fb-debug
pwrKngUtAugqbVFiIp5qQwWzxd7NhZHTorFJPfnmBHUpIIna9erC4HdOlh5x25Pu39/EdXsPbz7R/1dgN/6Ztg==
x-xss-protection
0
bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 96F3
0
0
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
same-origin
date
Sun, 21 Apr 2024 11:19:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1294, tbw=2820, tp=-1, tpl=-1, uplat=128, ullat=0
x-fb-debug
3xfTA2zAry8F6akvKzt8QFFDpyzY6Qjrck2v9j6oZRO0tpcQprVELbw/5idzHNc9H3qfJPPC4aa/7nPidavP3A==
x-xss-protection
0
bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 0388
0
0
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
same-origin
date
Sun, 21 Apr 2024 11:19:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=45, mss=1294, tbw=41627, tp=-1, tpl=-1, uplat=133, ullat=0
x-fb-debug
Kwix1PYdDZx1uRpWnnm/ZTHgcUqLxEzRDNTs2MyywxH4UKepBxrIrk+ElGSxkE1HAX0OqLKOV8w6nB6x0naHHA==
x-xss-protection
0
bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 663C
0
0
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
same-origin
date
Sun, 21 Apr 2024 11:19:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=122, ullat=0
x-fb-debug
Lk+453q4zCDHD5AEpfBOeQZdKZEBMkYLlbjqAJYhN+NsmCb30RmKpJbwF8HMyTuXaVBpN8rHglCxHyq9KeUVwQ==
x-xss-protection
0
open_chat
secure.livechatinc.com/customer/action/ Frame 4421
0
0
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_256_GCM
Server
95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS
a95-100-146-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2614
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Apr 2024 11:19:26 GMT
Vary
Accept-Encoding
api
in.flowercorner.vn/
892 B
926 B
XHR
General
Full URL
https://in.flowercorner.vn/api?cmd=slider&v=1713698365520
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
1a2adb0771797d7bfdb840264f07384d5ead28ef8509d387d5c4f2edccda6098

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 21 Apr 2024 11:19:26 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type
application/json, charset=utf-8
api
in.flowercorner.vn/
366 B
400 B
XHR
General
Full URL
https://in.flowercorner.vn/api?cmd=popup&v=1713698365520
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
af13ccc06ae9ac590cfc0c2b6792b154ad52bb7694c4d724a1be7ecb4690672e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 21 Apr 2024 11:19:26 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type
application/json, charset=utf-8
api
in.flowercorner.vn/
1 KB
1 KB
XHR
General
Full URL
https://in.flowercorner.vn/api?cmd=coupons&v=1713698365520
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
568c425a78e97af7500aa7f6bf4f94f9aec919b7b421415815b262416da5cb8f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 21 Apr 2024 11:19:26 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type
application/json, charset=utf-8
api
in.flowercorner.vn/
367 B
400 B
XHR
General
Full URL
https://in.flowercorner.vn/api?cmd=ship_regions&v=1713698365615
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
b7bc302eaca322c092746cf1db329edb28623726f16a707e76c5a20fbeed43d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 21 Apr 2024 11:19:26 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
application/json, charset=utf-8
241208466550208
connect.facebook.net/signals/config/
68 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=789-gem.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
8d778d42f996b6d85cbc3174d1ff7f2d8dca8385098c97436ed78ac6ba263029
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Apr 2024 11:19:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=82, mss=1232, tbw=65692, tp=61, tpl=0, uplat=132, ullat=1
pragma
public
x-fb-debug
T0Xp1kNByuxDNDZGmD0OwVaPAV8wR2x1UtmyTGfXl/ZzBExQ2efmGldEzLL62b/cwQW3PDitV4jtd8D9xgOZ7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/817395020/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/817395020/?random=1713588583203&cv=11&fst=1713585600000&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqvDZ-3Uxs8jxuTYDFXuKjyVAAypucyQ&random=4074718353&rmt_tld=0&ipr=y
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/817395020/
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/817395020/?random=1713588583203&cv=11&fst=1713585600000&bg=ffffff&guid=ON&async=1&gtm=45be44h0v879924426z89135123798za201&gcd=13l3l3l3l1&dma=0&u_w=903&u_h=758&url=https%3A%2F%2Fwww.flowercorner.vn%2F&ref=https%3A%2F%2Fweb.telegram.org%2F&frm=0&tiba=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqvDZ-3Uxs8jxuTYDFXuKjyVAAypucyQ&random=4074718353&rmt_tld=1&ipr=y
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
359 B
539 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17487633&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F789-gem.fun%2F&channel_type=code&jsonp=__gdrjouunlfu
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c090de5081dce4399c25cf9bc5014e301a446a6020595b0ea98f044eb05da230
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://789-gem.fun/;
X-Frame-Options allow-from https://789-gem.fun/

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors https://789-gem.fun/;
date
Sun, 21 Apr 2024 11:19:26 GMT
content-length
359
vary
Accept-Encoding
x-frame-options
allow-from https://789-gem.fun/
content-type
application/javascript; charset=UTF-8
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=241208466550208&ev=PageView&dl=https%3A%2F%2F789-gem.fun%2F&rl=&if=false&ts=1713698365922&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713698365914.835020596&cs_est=true&ler=empty&cdl=API_unavailable&it=1713698365706&coo=false&rqm=GET
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1294, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 21 Apr 2024 11:19:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
2 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=516336922&t=pageview&_s=1&dl=https%3A%2F%2F789-gem.fun%2F&ul=nl-nl&de=UTF-8&dt=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=1232910514&gjid=2113039956&cid=372456838.1713698366&tid=UA-114815169-1&_gid=67555004.1713698366&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1813112176
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://789-gem.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&gjid=2113039956&_gid=67555004.1713698366&npa=1&_u=aEBAAUAAEAAAACAAI~&z=1576212434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://789-gem.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
242 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-00CB3CS7J3&gtm=45je44h0v874478971z89135123798za200&_p=1713698365415&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=372456838.1713698366&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713698366&sct=1&seg=0&dl=https%3A%2F%2F789-gem.fun%2F&dt=Shop%20hoa%20t%C6%B0%C6%A1i%20FlowerCorner%3A%20%C4%90%E1%BA%B7t%20Hoa%20Online%20Giao%20Mi%E1%BB%85n%20Ph%C3%AD%20Ch%E1%BB%89%20T%E1%BB%AB%20300K&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&tfd=1678
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://789-gem.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-00CB3CS7J3&cid=372456838.1713698366&gtm=45je44h0v874478971z89135123798za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-00CB3CS7J3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://789-gem.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-00CB3CS7J3&cid=372456838.1713698366&gtm=45je44h0v874478971z89135123798za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=754437015
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/
500 KB
200 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b32851c632602843aa7dd7155d58e01e1c4b8171091654935d372d40597eb02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Origin
https://789-gem.fun
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:05:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204795
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Apr 2025 01:05:23 GMT
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=6528d6a0-f676-4004-8cb4-755c5a20c70b&version=46.0.1.13.67.11.1.1.1.1.1.4.1&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b653ad61a8273671489cf213e3ba71ca2f181a510eea9d3caea8158fa508c23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:26 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1571
expires
Sun, 21 Apr 2024 11:29:26 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&npa=1&_u=aEBAAUAAEAAAACAAI~&z=264225887
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
63 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114815169-1&cid=372456838.1713698366&jid=1232910514&npa=1&_u=aEBAAUAAEAAAACAAI~&z=264225887
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 21 Apr 2024 11:19:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
P6603bca98a95a8.67175147.webp
in.flowercorner.vn/uploads/
75 KB
75 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P6603bca98a95a8.67175147.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ef3c6455ffdd0fe55ec8e25d3eb95c6ce3c114902a3510b5ec754a36e440bef8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
last-modified
Wed, 27 Mar 2024 06:28:57 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76364
expires
Sun, 28 Apr 2024 11:19:27 GMT
P657fd247737038.75342862.webp
in.flowercorner.vn/uploads/
54 KB
55 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P657fd247737038.75342862.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd6cc5b1724e814ff91cff68bb7c626e9142daa21a0f4b097df01fe9e1bc7cbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
last-modified
Mon, 18 Dec 2023 05:01:59 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55740
expires
Sun, 28 Apr 2024 11:19:27 GMT
P649ea8ef2ed4f0.09844576.webp
in.flowercorner.vn/uploads/
66 KB
66 KB
Image
General
Full URL
https://in.flowercorner.vn/uploads/P649ea8ef2ed4f0.09844576.webp
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2dfdea477cc43859a507b094f937cacc6d8e2d59734036987b4d7fffdfe698ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
last-modified
Fri, 30 Jun 2023 10:05:35 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
67322
expires
Sun, 28 Apr 2024 11:19:27 GMT
api
in.flowercorner.vn/
9 KB
9 KB
XHR
General
Full URL
https://in.flowercorner.vn/api?cmd=ship_districts&v=1713698365615
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.252.249.22 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
df3d4ecb22a7a2ba43f7f6b889c40a913c9008b36de209858cb1e3b04886640f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 21 Apr 2024 11:19:27 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
application/json, charset=utf-8
open_chat
secure.livechatinc.com/customer/action/ Frame 021E
0
0
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=17487633&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://789-gem.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2614
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Apr 2024 11:19:26 GMT
Vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=6528d6a0-f676-4004-8cb4-755c5a20c70b&version=8b4136637a184fd9fc32b59b8d4ec45a_55408e22f585002dd0e9f6e0a455502d&language=vi&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.11 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12a42921308f5d75b2fe1e35d3d47472ab271c377949524108821c3a94ab49db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=599
content-length
4808
expires
Sun, 21 Apr 2024 11:29:26 GMT
tracking.js
cdn.livechatinc.com/
89 KB
0
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: 789-gem.fun
URL: https://789-gem.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5c38c05e30f459bab668b1bcb8e37f96abc9516f2dee266aa8c2cc32c2241c68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hGB_dnGxhI.cRiBpFcDBN2hZl1sbmT4E
content-encoding
br
date
Sun, 21 Apr 2024 11:19:25 GMT
last-modified
Thu, 11 Apr 2024 12:55:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"fd2c2a1cfef58ec68842695fc4040836"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
2p6uCav9uRHTYG5DR54n-qTTJdqm_DhY3D1uHy-uFNv4w-VI1o5d7Q==
content-length
27319
expires
Sun, 21 Apr 2024 19:19:25 GMT
Logo-icon.png
789-gem.fun/image/catalog/1_dienhoa/app/
555 B
244 B
Other
General
Full URL
https://789-gem.fun/image/catalog/1_dienhoa/app/Logo-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.135.32.34.bc.googleusercontent.com
Software
railway /
Resource Hash
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://789-gem.fun/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:19:37 GMT
content-encoding
gzip
server
railway
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| FB object| recaptcha function| $ function| jQuery function| moment object| google_tag_data function| ga object| gaplugins object| $jscomp function| daterangepicker function| getURLVar function| Chain object| chain object| dataLayer function| gtag function| fbq function| _fbq object| __lc object| LC_API number| uidEvent object| bootstrap function| lozad string| ZAS_IN_ENDPOINT object| SHIP_REGIONS object| SHIP_DISTRICTS function| numberWithCommas function| loadRegionSelect function| loadDistrictSelect function| loadShippingFee function| loadCoupon number| v_ts function| mobilecheck undefined| products undefined| $product_list undefined| total function| GTMAddShippingInfo boolean| __lc_inited object| google_tag_manager string| GoogleAnalyticsObject object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| LiveChatWidget

12 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 15ff7cf6-9884-4268-b542-c7efa9ead125
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: dbe8db4ef69aecb6919316249d089ecc3d229ba718c16ff3f9543011fa6dcd718f1be188cbcce4ff054155d2c05263e84da581920563246dc6d9b1a7ec08
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 15ff7cf6-9884-4268-b542-c7efa9ead125
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: dbe8db4ef69aecb6919316249d089ecc3d229ba718c16ff3f9543011fa6dcd718f1be188cbcce4ff054155d2c05263e84da581920563246dc6d9b1a7ec08
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.789-gem.fun/ Name: _fbp
Value: fb.1.1713698365914.835020596
.789-gem.fun/ Name: _gid
Value: GA1.2.67555004.1713698366
.789-gem.fun/ Name: _gat_gtag_UA_114815169_1
Value: 1
.789-gem.fun/ Name: _gcl_au
Value: 1.1.1780106254.1713698366
.789-gem.fun/ Name: _ga_00CB3CS7J3
Value: GS1.1.1713698366.1.0.1713698366.60.0.0
.789-gem.fun/ Name: _ga
Value: GA1.1.372456838.1713698366
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1713698397&tag=707df70212d0567250e0506c71d52792cedae7bf

29 Console Messages

Source Level URL
Text
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: https://789-gem.fun/catalog/view/stylesheet/fonts/fontawesome/css/all.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://789-gem.fun/(Line 17096)
Message:
Origin trial controlled feature not enabled: 'join-ad-interest-group'.
network error URL: https://789-gem.fun/image/catalog/1px.webp
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://789-gem.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/241208466550208?v=2.9.154&r=stable&domain=789-gem.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://789-gem.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error
Message:
Refused to frame 'https://www.facebook.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.flowercorner.vn".
other warning URL: https://789-gem.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://789-gem.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://789-gem.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://789-gem.fun/image/catalog/1_dienhoa/app/Logo-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
