urlscan.io logo urlscan.io
SecurityTrails logo

citigrand.work Open in urlscan Pro
198.252.103.74  Public Scan

Go To Rescan Add Verdict Report
URL: https://citigrand.work/
Submission: On July 20 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 198.252.103.74, located in Little Washington, United States and belongs to SOFTLAYER, US. The main domain is citigrand.work.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 20th 2020. Valid for: 3 months.
This is the only time citigrand.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 198.252.103.74 36351 (SOFTLAYER)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 31.220.110.187 47583 (AS-HOSTINGER)
1 2 2a00:1450:400... 15169 (GOOGLE)
4 216.58.212.162 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 210.211.116.252 38731 (VTDC-AS-V...)
1 125.212.217.61 7552 (VIETEL-AS...)
37 13
13    198.252.103.74 (Little Washington, United States)

ASN36351 (SOFTLAYER, US)
PTR: 198.252.103.74-static.reverse.arandomserver.com
citigrand.work
3    2606:4700:3036::6812:2b05 (United States)

ASN13335 (CLOUDFLARENET, US)
uhchat.net
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    31.220.110.187 (United States)

ASN47583 (AS-HOSTINGER, LT)
giuseart.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
www.googleadservices.com
7    2606:4700:3033::681c:178a (United States)

ASN13335 (CLOUDFLARENET, US)
c.trazk.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    210.211.116.252 (Ho Chi Minh City, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)
localapi.trazk.com
1    125.212.217.61 (Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
themes.trazk.com
Domain Requested by
13 citigrand.work citigrand.work
7 c.trazk.com www.googletagmanager.com
c.trazk.com
ajax.googleapis.com
4 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
c.trazk.com
3 uhchat.net citigrand.work
uhchat.net
2 localapi.trazk.com ajax.googleapis.com
2 www.google.de citigrand.work
2 www.google.com 2 redirects
2 googleads.g.doubleclick.net 2 redirects
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 themes.trazk.com c.trazk.com
1 ajax.googleapis.com c.trazk.com
1 stats.g.doubleclick.net citigrand.work
1 giuseart.com citigrand.work
1 www.googletagmanager.com citigrand.work
37 14

This site contains links to these domains. Also see Links.

Domain
www.cosaco.com.vn
zalo.me
Subject Issuer Validity Valid
www.citigrand.trananhvuong.com
Let's Encrypt Authority X3		 2020-07-20 -
2020-10-18		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-30 -
2020-10-09		 8 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
giuseart.com
Let's Encrypt Authority X3		 2020-05-23 -
2020-08-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
localapi.trazk.com
GoGetSSL RSA DV CA		 2019-10-04 -
2021-10-03		 2 years crt.sh
themes.trazk.com
GoGetSSL RSA DV CA		 2020-06-14 -
2020-09-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://citigrand.work/
Frame ID: 1E4D17B53076D6234D156C8DA0E8A944
Requests: 49 HTTP requests in this frame

Frame: https://uhchat.net/chat/?f=a5fde2&title=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand.work%2F&ref=
Frame ID: C4EB065CD4C8614C7A4C4CE86C957896
Requests: 1 HTTP requests in this frame

Frame: https://c.trazk.com/v1.syncok.php?regid=&gclid=
Frame ID: 765007B0D7E94D38A7E474AE62206FC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

1295 kB
Transfer

2140 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=259858776&t=pageview&_s=1&dl=https%3A%2F%2Fcitigrand.work%2F&ul=en-us&de=UTF-8&dt=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1056693196&gjid=687071283&cid=2056204422.1595245890&tid=UA-144522217-5&_gid=1504872191.1595245890&_r=1&gtm=2wg78354PLXRD&z=85371717 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-5&cid=2056204422.1595245890&jid=1056693196&_gid=1504872191.1595245890&gjid=687071283&_v=j83&z=85371717
Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QYUVX-3ZJs2wlQeuu5zQDw&sscte=1&crd=&eitems=ChAI8IHV-AUQ26vD756i3IMcEh0AIQlehQIWoEWPndREAw07SSdDWlscQ6KXaOILkg HTTP 302
  • https://www.google.com/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QYUVX-3ZJs2wlQeuu5zQDw&cid=CAQSKQCNIrLMpovqUJcmRnjdQQjtaahKEZlquyEK_VvCJDtRYLz6bAQ5tEoM&eitems=ChAI8IHV-AUQ26vD756i3IMcEh0AIQlehV1KMjQ-rdQ_01HW-tkBJVqsNff4v-n8Yg&random=2365208247&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QYUVX-3ZJs2wlQeuu5zQDw&cid=CAQSKQCNIrLMpovqUJcmRnjdQQjtaahKEZlquyEK_VvCJDtRYLz6bAQ5tEoM&eitems=ChAI8IHV-AUQ26vD756i3IMcEh0AIQlehV1KMjQ-rdQ_01HW-tkBJVqsNff4v-n8Yg&random=2365208247&resp=GooglemKTybQhCsO&ipr=y
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RIUVX73JKLKDlQe247jYCg&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RIUVX73JKLKDlQe247jYCg&random=2921647813&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RIUVX73JKLKDlQe247jYCg&random=2921647813&resp=GooglemKTybQhCsO&ipr=y

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citigrand.work/ 		86 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
7e55357e1d5ea56c7cc754567d3cacac5dd740f665c8043de7f1e92e639667f1

Request headers

:method
GET
:authority
citigrand.work
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-powered-by
PHP/7.1.33
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Cookie
cache-control
max-age=3, must-revalidate
content-length
16587
content-encoding
br
date
Mon, 20 Jul 2020 11:51:28 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/ 		187 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
4044745837fa603f6f2759ef798ee7accb70aacfdb49ddde2b120c7cb11713a9

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:28 GMT
content-encoding
br
last-modified
Thu, 16 Jul 2020 01:07:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34135
expires
Mon, 27 Jul 2020 11:51:28 GMT
header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
fe297975dcbda8721049ef42884f5cdabd15bf50b0350ae81b52e5f24db3a625

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:28 GMT
content-encoding
br
last-modified
Thu, 16 Jul 2020 01:07:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
36299
expires
Mon, 27 Jul 2020 11:51:28 GMT
logo-citigrand.png
citigrand.work/wp-content/uploads/2020/05/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigrand.work/wp-content/uploads/2020/05/logo-citigrand.png
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
e3481e467134fa6f1f60da87314336e899dcb9481f7879fd447251aadb582935

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Tue, 26 May 2020 13:36:05 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13808
expires
Mon, 27 Jul 2020 11:51:29 GMT
delete-sign.png
citigrand.work/wp-content/plugins/wp-contact-slider/img/ 		838 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigrand.work/wp-content/plugins/wp-contact-slider/img/delete-sign.png
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
f17164d39bdf624fd93d1a3ce6f7a50e4848f1ba85abb5abc0e94f5caf79026e

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Wed, 20 May 2020 16:44:56 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
838
expires
Mon, 27 Jul 2020 11:51:29 GMT
footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/ 		232 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
c360a764853727749c4be2b9a5da839abcbc94f0ecb0c181768621655b5b49ee

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
content-encoding
br
last-modified
Thu, 16 Jul 2020 01:07:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66499
expires
Mon, 27 Jul 2020 11:51:29 GMT
code.php
uhchat.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/code.php?f=a5fde2
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7d603017ef734687a79df0937cc74b8a9150e6f7a3ae0e25c261d13788b85c

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
status
200
cf-ray
5b5c78783f07dfeb-FRA
cf-request-id
040da99f220000dfeba2af0200000001
gtm.js
www.googletagmanager.com/ 		68 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54PLXRD
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77d890a0b11774090a01916599372d14b8e311c1ac6b3741e7daa0752fc68fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27104
x-xss-protection
0
last-modified
Mon, 20 Jul 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Jul 2020 11:51:29 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24d5dd213e8233a226357e6a375f5dbe161d246be65fe75d8536bca5ef18bfe5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33d24481ad9790edaff8e5d9587fb445846ef4d82130d59773e9ed602f5bd3ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0d4221b3719cc1be1df58e2c57a8821abf37b247c60095374b9c113ae5c515

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c32decf0c5d56b9747d14290edb9d779c234798820ff043272f0834b58c76ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cad472735192b57dbd97425e4c1fe844b2b260623b3aa23f990f1699fec2faa4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d413e7626f3cf55ef507c5b32b514aaafc318a84a2456d2dfdac844b03ab08b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3489caa49670a556ef320d02cbdb449c15d4f1d93c6697914b8edb810e386d21

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfbb565655b81d226e060a8c4e88854a406c6d8f739d5c283a3b64c090f9ba73

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a192f04b288f5177a4fa5d9b378e63ae7ed9b873663609a2fd58e209630f627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f5af67f3d67b997024fd8983f96ebe2e725dc7a6e93901b2df14459470d21d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc0b877f420cc481e8499d66d02a97d9e1eef11309db0f03666416132aed22e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90a25f1c70da859bd8b02ef32bd249523e768b797854a8584ad2d6bdc3da370a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d7684a8e1cf5d57b58ed3b0cf4c51ef136d851c6955226b0acf2c1ba4bafdb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef92f6e1fa52b85237de280341403829010d588869f931af932a9fe42d551c4b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
slide3-1024x427.jpg
citigrand.work/wp-content/uploads/2020/05/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigrand.work/wp-content/uploads/2020/05/slide3-1024x427.jpg
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
f4e0601678a3e2d1b1df40f817794128fea417d08a1b7e01157f5072cf0efdb3

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Tue, 26 May 2020 13:30:52 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114842
expires
Mon, 27 Jul 2020 11:51:29 GMT
fl-icons.woff2
citigrand.work/wp-content/themes/flatsome/assets/css/icons/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
Origin
https://citigrand.work

Response headers

status
200
date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Fri, 07 Feb 2020 02:12:30 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
6128
content-type
font/woff2
zl.png
giuseart.com/wp-content/uploads/2020/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giuseart.com/wp-content/uploads/2020/03/zl.png
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.110.187 , United States, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c83021e41fa94a319a6a35aa7e951f8e426ebd9ccf8ed53d324c433083941a67

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:30 GMT
last-modified
Mon, 23 Mar 2020 02:16:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000,public
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
2590
expires
Wed, 19 Aug 2020 11:51:30 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54PLXRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5750
date
Mon, 20 Jul 2020 10:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 20 Jul 2020 12:15:39 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54PLXRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
97651707b0ce18ff3ef4c0ac9dba90b63615fbfd6bc5b650da180f77099305f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11647
x-xss-protection
0
server
cafe
etag
1408120887153915613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Jul 2020 11:51:29 GMT
c.js
c.trazk.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54PLXRD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ed6e938cc1ffeb49c9fb444784a7e32176dccceb54048dffff0170093ae228
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:30 GMT
content-encoding
br
status
200
cf-cache-status
MISS
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5b5c7879c8039766-FRA
cf-request-id
040da9a01d00009766dfbdb200000001
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=259858776&t=pageview&_s=1&dl=https%3A%2F%2Fcitigrand.work%2F&ul=en-us&de=UTF-8&dt=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-5&cid=2056204422.1595245890&jid=1056693196&_gid=1504872191.1595245890&gjid=687071283&_v=j83&z=85371717
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-5&cid=2056204422.1595245890&jid=1056693196&_gid=1504872191.1595245890&gjid=687071283&_v=j83&z=85371717
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 20 Jul 2020 11:51:29 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-5&cid=2056204422.1595245890&jid=1056693196&_gid=1504872191.1595245890&gjid=687071283&_v=j83&z=85371717
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/636711408/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/636711408/?random=1595245889597&cv=9&fst=1595245889597&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcitigrand.work%2F&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
2db6a0dc18ab10465773ce5296f4aa7c0b1deb93fce9488a9c6700efacf42834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1226
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/636711408/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
  • https://www.google.com/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
  • https://www.google.de/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QYUVX-3ZJs2wlQeuu5zQDw&cid=CAQSKQCNIrLMpovqUJcmRnjdQQjtaahKEZlquyEK_VvCJDtRYLz6bAQ5tEoM&eitems=ChAI8IHV-AUQ26vD756i3IMcEh0AIQlehV1KMjQ-rdQ_01HW-tkBJVqsNff4v-n8Yg&random=2365208247&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: citigrand.work
URL: https://citigrand.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:29 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/636711408/?random=460590267&cv=9&fst=*&num=1&value=0&label=R1LBCLLlh9EBEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg783&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QYUVX-3ZJs2wlQeuu5zQDw&cid=CAQSKQCNIrLMpovqUJcmRnjdQQjtaahKEZlquyEK_VvCJDtRYLz6bAQ5tEoM&eitems=ChAI8IHV-AUQ26vD756i3IMcEh0AIQlehV1KMjQ-rdQ_01HW-tkBJVqsNff4v-n8Yg&random=2365208247&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
uhchat.net/chat/ Frame C4EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/chat/?f=a5fde2&title=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand.work%2F&ref=
Requested by
Host: uhchat.net
URL: https://uhchat.net/code.php?f=a5fde2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
uhchat.net
:scheme
https
:path
/chat/?f=a5fde2&title=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand.work%2F&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://citigrand.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=6295bbdfcd224b602558fa55ea3411d08fdb840a-1595245889-1800-ASLhQS20m78yEO4P3RX1BTI/w8xFVEULvcyBJkeu9FXHBCVQGEcDnuJzRWm6iHnV8BuytdX+KUcXqksZvU4l1zw=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://citigrand.work/

Response headers

status
200
date
Mon, 20 Jul 2020 11:51:30 GMT
content-type
text/html
set-cookie
__cfduid=deff47324863876ab07bd62762b6172411595245889; expires=Wed, 19-Aug-20 11:51:29 GMT; path=/; domain=.uhchat.net; HttpOnly; SameSite=Lax thoigianvaoa5fde2=1595245890; expires=Tue, 21-Jul-2020 11:51:30 GMT chattudonga5fde2=1595245890; expires=Mon, 20-Jul-2020 12:51:30 GMT __cf_bm=eef02958a784bc2a594e137cab5e49535a36d91a-1595245890-1800-Afs3eNMmmOF7/EgAd+a4+eOZQlZgnsfkiwpfT8SnzP978smsvNzYh+Et3NFnAl4QWCNF5Ul89rvyupf2s+FgTnE=; path=/; expires=Mon, 20-Jul-20 12:21:30 GMT; domain=.uhchat.net; HttpOnly; Secure; SameSite=None
expires
Sat, 01 Jan 2005 00:00:00 GMT
last-modified
Mon, 20 Jul 2020 11:51:30GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
040da9a0de0000dfeba2b21200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b5c787afdbfdfeb-FRA
content-encoding
br
chat-11.png
uhchat.net/themes/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/chat-11.png
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
cf-cache-status
HIT
age
31210275
status
200
content-length
7784
cf-request-id
040da9a0de0000dfeba2b22200000001
last-modified
Mon, 18 Jul 2016 03:54:30 GMT
server
cloudflare
etag
"578c52f6-1e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b5c787afdc1dfeb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
refill
citigrand.work/wp-json/contact-form-7/v1/contact-forms/116/ 		2 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-json/contact-form-7/v1/contact-forms/116/refill
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citigrand.work/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
LiteSpeed
link
<https://citigrand.work/wp-json/>; rel="https://api.w.org/"
x-powered-by
PHP/7.1.33
allow
GET
content-type
application/json; charset=UTF-8
status
200
vary
Accept-Encoding, Cookie, Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type
content-length
6
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
refill
citigrand.work/wp-json/contact-form-7/v1/contact-forms/116/ 		2 B
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-json/contact-form-7/v1/contact-forms/116/refill
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citigrand.work/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
LiteSpeed
link
<https://citigrand.work/wp-json/>; rel="https://api.w.org/"
x-powered-by
PHP/7.1.33
allow
GET
content-type
application/json; charset=UTF-8
status
200
vary
Accept-Encoding, Cookie, Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type
content-length
6
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
refill
citigrand.work/wp-json/contact-form-7/v1/contact-forms/197/ 		2 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://citigrand.work/wp-json/contact-form-7/v1/contact-forms/197/refill
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citigrand.work/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
LiteSpeed
link
<https://citigrand.work/wp-json/>; rel="https://api.w.org/"
x-powered-by
PHP/7.1.33
allow
GET
content-type
application/json; charset=UTF-8
status
200
vary
Accept-Encoding, Cookie, Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type
content-length
6
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
ajax-loader.gif
citigrand.work/wp-content/plugins/contact-form-7/images/ 		847 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigrand.work/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer
https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Wed, 20 May 2020 05:46:56 GMT
server
LiteSpeed
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
847
expires
Mon, 27 Jul 2020 11:51:29 GMT
6532865c6dff95a1ccee.jpg
citigrand.work/wp-content/uploads/2020/05/ 		801 KB
802 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigrand.work/wp-content/uploads/2020/05/6532865c6dff95a1ccee.jpg
Requested by
Host: citigrand.work
URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.103.74 Little Washington, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
198.252.103.74-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
157bcd0a28191c0042b9412849f5bd6d777888efce78adbaa3195672fdedf14c

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:29 GMT
last-modified
Tue, 26 May 2020 13:30:16 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820299
expires
Mon, 27 Jul 2020 11:51:29 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 13:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3278380
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Jun 2021 13:11:50 GMT
convert.php
localapi.trazk.com/widgets/api/ 		31 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://localapi.trazk.com/widgets/api/convert.php?task=all&domain=citigrand.work
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.211.116.252 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx /
Resource Hash
e67fb2ad31203de5a297033097a1442773c823ff6dc71f7fb26353e46270538d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 20 Jul 2020 11:51:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
v1.syncok.php
c.trazk.com/ Frame 7650 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/v1.syncok.php?regid=&gclid=
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
c.trazk.com
:scheme
https
:path
/v1.syncok.php?regid=&gclid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://citigrand.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://citigrand.work/

Response headers

status
200
date
Mon, 20 Jul 2020 11:51:30 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d744119c33683f926ec9b104e5352a7651595245890; expires=Wed, 19-Aug-20 11:51:30 GMT; path=/; domain=.trazk.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-origin
https://c.trazk.com *
x-frame-options
ALLOWALL
cf-cache-status
DYNAMIC
cf-request-id
040da9a22800009766dfbf9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b5c787d0bba9766-FRA
content-encoding
br
v2.ick.php
c.trazk.com/ 		1 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/v2.ick.php?k=b3duZXJJZD02MzI0MyZ1dWlkPTE2OTM0MjIzOTUxNTk1MjQ1ODkwJnRpdGxlPUNJVEklMjBHUkFORCUyMC0lMjBTJUMzJUI0JUNDJTgxbmclMjBYYW5oJTIwTSVDMyVCNCVDQyU4M2klMjBOZ2ElQ0MlODB5JTIwQ3UlQ0MlODBuZyUyMENJVElHUkFORCUyMC0lMjBDaGklQ0MlODklMjB0JUM2JUIwJUNDJTgwJTIwMiUyQzElMjB0eSVDQyU4OS4maHJlZj1odHRwcyUzQSUyRiUyRmNpdGlncmFuZC53b3JrJTJGJnRvcGQ9Y2l0aWdyYW5kLndvcmsmbWV0YWRhdGE9JnV0bV9zb3VyY2U9JnV0bV9tZWRpdW09JnV0bV9jYW1wYWlnbj0mZ2NsaWQ9
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
content-encoding
br
status
200
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
5b5c788369cf175a-FRA
cf-request-id
040da9a6240000175abcb83200000001
widgetLoader.min.js
c.trazk.com/widgets/clients/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/widgets/clients/widgetLoader.min.js?uuid=&hostname=citigrand.work
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1384100563186a5d399248333ddd3ac59a0b39d313b5b7da4f4cf2e5c67915
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
040da9a61300009766df829200000001
pragma
public
last-modified
Fri, 22 May 2020 06:41:26 GMT
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"5ec77416-ab87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5b5c788359b29766-FRA
expires
Wed, 19 Aug 2020 11:51:31 GMT
__citigrand.work__.js
c.trazk.com/widgets/clients/cache/analytics/ 		0
95 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/widgets/clients/cache/analytics/__citigrand.work__.js
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:32 GMT
status
301
cf-cache-status
MISS
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5b5c78863c4b9766-FRA
cf-request-id
040da9a7e600009766df846200000001
__citigrand.work__.js
c.trazk.com/widgets/clients/cache/conversion/ 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/widgets/clients/cache/conversion/__citigrand.work__.js
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:31 GMT
status
301
cf-cache-status
MISS
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5b5c78863c4c9766-FRA
cf-request-id
040da9a7e600009766df847200000001
index.php
localapi.trazk.com/widgets/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://localapi.trazk.com/widgets/api/index.php?task=loadOnlineWidgetByDomain&domain=citigrand.work
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.211.116.252 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx /
Resource Hash
a120b082b230afc6f8cff38c542a66111345e49c53af646600f7a179ce000d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 20 Jul 2020 11:51:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
bundle.js
themes.trazk.com/chat/widget/dist/ 		266 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themes.trazk.com/chat/widget/dist/bundle.js?v=1.2
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx /
Resource Hash
e56f84533fc65ab25bd1f2531142728362df720d104520f6100c607346dbe7cd

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 20 Jul 2020 11:51:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Jun 2020 02:54:28 GMT
Server
nginx
ETag
W/"5ee83464-42990"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
c-c.js
c.trazk.com/ 		299 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.trazk.com/c-c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:178a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f272d4bf634f11c1ae69c5040bc77d0840c493b684f339b3352271d52eee3a
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:32 GMT
content-encoding
br
status
200
cf-cache-status
MISS
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*, *
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
5b5c78893eb49766-FRA
access-control-allow-headers
*
cf-request-id
040da9a9c000009766df85d200000001
conversion.js
www.googleadservices.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: c.trazk.com
URL: https://c.trazk.com/c-c.js?_key=v6Qno5aVFqdmc2VzFaZ1lwVXdsTkVzRFowcVMrK01sSlUrS0s1SUY4UURnQT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
d00b100bca6ddea7af0ef559e6051eeaa3f59c732b586ac2495324cdd70dfc2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 11:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11554
x-xss-protection
0
server
cafe
etag
15723108647877884466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Jul 2020 11:51:32 GMT
/
www.googleadservices.com/pagead/conversion/636711408/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/636711408/?random=1595245892629&cv=9&fst=1595245892629&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcitigrand.work%2F&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
d9958d4bd694480031b653970807a24f8b43cf2e9c1b9e9d02d1e378cf07ca91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1140
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/636711408/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.com/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_hi...
  • https://www.google.de/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RIUVX73JKLKDlQe247jYCg&random=2921647813&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigrand.work/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Jul 2020 11:51:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/636711408/?random=1921095257&cv=9&fst=*&num=1&label=OJF_CIzK_dABEPDjza8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand.work/&tiba=CITI%20GRAND%20-%20S%C3%B4%CC%81ng%20Xanh%20M%C3%B4%CC%83i%20Nga%CC%80y%20Cu%CC%80ng%20CITIGRAND%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RIUVX73JKLKDlQe247jYCg&random=2921647813&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fvmuag undefined| $ function| jQuery object| dataLayer function| wpcs_open_slider_192 function| wpcs_close_slider_192 object| wpcf7 object| flatsomeVars object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| StickySidebar function| Waypoint object| __core-js_shared__ object| Flatsome string| waypointContextKey object| jQuery1124014304686947089595 function| objectFitImages function| cookie object| wp function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| getuhchatCookie function| setuhchatCookie number| vitridau function| uhchatClick boolean| uhchatduplicate function| getTrazkCookie object| _trazurl string| href string| host string| title string| _utm_source string| _utm_medium string| _utm_campaign string| _gclid string| eee function| $j string| keyv6 string| _key string| _ownerId string| page_root string| widgetURL function| loadScriptAsync function| setTrazkCookie function| onMessage function| syncCookie function| logVisitorHistory function| logWidgetsHistory function| updateInfors function| loadIframe function| autoDetectInfo function| adwordsConversion function| loadWidgets function| sendGoogleEvent function| loadFFFTrack function| loadJqueryRemote function| convertOldData function| startTrazk string| nnn string| ttt string| ppp function| sendLocalLog string| modalJsCSS function| initChatApp function| getCookie function| refeshData function| mobilecheck object| google_conversion_id object| google_conversion_label object| google_remarketing_only object| fac object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url object| fffchat

2 Cookies

Domain/Path Name / Value
c.trazk.com/ Name: uuid
Value: 16934223951595245890
citigrand.work/ Name: uuid
Value: 16934223951595245890

1 Console Messages

Source Level URL
Text
console-api log URL: https://citigrand.work/wp-content/uploads/cache/fvm/1594861377/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js(Line 15)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.trazk.com
citigrand.work
giuseart.com
googleads.g.doubleclick.net
localapi.trazk.com
stats.g.doubleclick.net
themes.trazk.com
uhchat.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
125.212.217.61
198.252.103.74
210.211.116.252
216.58.212.162
2606:4700:3033::681c:178a
2606:4700:3036::6812:2b05
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:815::2008
2a00:1450:4001:815::200a
2a00:1450:4001:816::200e
2a00:1450:400c:c00::9b
31.220.110.187
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
157bcd0a28191c0042b9412849f5bd6d777888efce78adbaa3195672fdedf14c
24d5dd213e8233a226357e6a375f5dbe161d246be65fe75d8536bca5ef18bfe5
2db6a0dc18ab10465773ce5296f4aa7c0b1deb93fce9488a9c6700efacf42834
33d24481ad9790edaff8e5d9587fb445846ef4d82130d59773e9ed602f5bd3ff
3489caa49670a556ef320d02cbdb449c15d4f1d93c6697914b8edb810e386d21
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3d7684a8e1cf5d57b58ed3b0cf4c51ef136d851c6955226b0acf2c1ba4bafdb3
4044745837fa603f6f2759ef798ee7accb70aacfdb49ddde2b120c7cb11713a9
48f272d4bf634f11c1ae69c5040bc77d0840c493b684f339b3352271d52eee3a
4c32decf0c5d56b9747d14290edb9d779c234798820ff043272f0834b58c76ca
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6d7d603017ef734687a79df0937cc74b8a9150e6f7a3ae0e25c261d13788b85c
6f5af67f3d67b997024fd8983f96ebe2e725dc7a6e93901b2df14459470d21d5
77d890a0b11774090a01916599372d14b8e311c1ac6b3741e7daa0752fc68fea
7e55357e1d5ea56c7cc754567d3cacac5dd740f665c8043de7f1e92e639667f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90a25f1c70da859bd8b02ef32bd249523e768b797854a8584ad2d6bdc3da370a
97651707b0ce18ff3ef4c0ac9dba90b63615fbfd6bc5b650da180f77099305f6
9a192f04b288f5177a4fa5d9b378e63ae7ed9b873663609a2fd58e209630f627
a120b082b230afc6f8cff38c542a66111345e49c53af646600f7a179ce000d6b
ac0d4221b3719cc1be1df58e2c57a8821abf37b247c60095374b9c113ae5c515
ba1384100563186a5d399248333ddd3ac59a0b39d313b5b7da4f4cf2e5c67915
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a
c360a764853727749c4be2b9a5da839abcbc94f0ecb0c181768621655b5b49ee
c83021e41fa94a319a6a35aa7e951f8e426ebd9ccf8ed53d324c433083941a67
cad472735192b57dbd97425e4c1fe844b2b260623b3aa23f990f1699fec2faa4
cc0b877f420cc481e8499d66d02a97d9e1eef11309db0f03666416132aed22e8
d00b100bca6ddea7af0ef559e6051eeaa3f59c732b586ac2495324cdd70dfc2a
d413e7626f3cf55ef507c5b32b514aaafc318a84a2456d2dfdac844b03ab08b5
d9958d4bd694480031b653970807a24f8b43cf2e9c1b9e9d02d1e378cf07ca91
dfbb565655b81d226e060a8c4e88854a406c6d8f739d5c283a3b64c090f9ba73
e3481e467134fa6f1f60da87314336e899dcb9481f7879fd447251aadb582935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f84533fc65ab25bd1f2531142728362df720d104520f6100c607346dbe7cd
e67fb2ad31203de5a297033097a1442773c823ff6dc71f7fb26353e46270538d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92f6e1fa52b85237de280341403829010d588869f931af932a9fe42d551c4b
f17164d39bdf624fd93d1a3ce6f7a50e4848f1ba85abb5abc0e94f5caf79026e
f4e0601678a3e2d1b1df40f817794128fea417d08a1b7e01157f5072cf0efdb3
f5ed6e938cc1ffeb49c9fb444784a7e32176dccceb54048dffff0170093ae228
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe297975dcbda8721049ef42884f5cdabd15bf50b0350ae81b52e5f24db3a625