urlscan.io logo urlscan.io
SecurityTrails logo

citigymhappyrun.myruntime.com Open in urlscan Pro
174.138.25.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://citigymhappyrun.myruntime.com/
Effective URL: https://citigymhappyrun.myruntime.com/register
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 174.138.25.1, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is citigymhappyrun.myruntime.com.
TLS certificate: Issued by E5 on December 13th 2024. Valid for: 3 months.
This is the only time citigymhappyrun.myruntime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 174.138.25.1 14061 (DIGITALOC...)
1 142.251.175.95 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
2 157.240.13.35 32934 (FACEBOOK)
7 23.41.79.239 16625 (AKAMAI-AS)
24 6
12    174.138.25.1 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
citigymhappyrun.myruntime.com
1    142.251.175.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f95.1e100.net
fonts.googleapis.com
1    142.251.10.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
fonts.gstatic.com
2    157.240.13.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-sin6.facebook.com
www.facebook.com
7    23.41.79.239 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-79-239.deploy.static.akamaitechnologies.com
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com
Apex Domain
Subdomains		 Transfer
12 myruntime.com
citigymhappyrun.myruntime.com
885 KB
7 rackcdn.com
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com
1 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120 Failed
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
24 5
Domain Requested by
12 citigymhappyrun.myruntime.com 1 redirects citigymhappyrun.myruntime.com
7 de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com
2 www.facebook.com citigymhappyrun.myruntime.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com citigymhappyrun.myruntime.com
24 5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.waterfronthotels.com.ph
Subject Issuer Validity Valid
citigymhappyrun.myruntime.com
E5		 2024-12-13 -
2025-03-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.ssl.cf4.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-20 -
2025-11-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://citigymhappyrun.myruntime.com/register
Frame ID: 865CDD861EC8F7D11ECEFF4CB01DD80C
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=328&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 4C81F8183B32DC0DFB82BC1FE61EF694
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=328&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: D6BDB8BA0DF6DD949EC0145AE3FC9EFA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citigym Happy Run 2025

Page URL History Show full URLs

  1. https://citigymhappyrun.myruntime.com/ HTTP 302
    https://citigymhappyrun.myruntime.com/register Page URL

Page Statistics

24
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2276 kB
Transfer

5132 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citigymhappyrun.myruntime.com/ HTTP 302
    https://citigymhappyrun.myruntime.com/register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
citigymhappyrun.myruntime.com/
Redirect Chain
  • https://citigymhappyrun.myruntime.com/
  • https://citigymhappyrun.myruntime.com/register
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
75e656f220672a86b6b0ef5fee66a88f4841b9157f8e5d1c94dc1312c63723ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Dec 2024 12:06:16 GMT
ETag
W/"13c1-qJeVVjxmj3271+iw+R6s0vXzN1I"
Expires
0
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Surrogate-Control
no-store
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Dec 2024 12:06:16 GMT
Expires
0
Location
https://citigymhappyrun.myruntime.com/register
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Surrogate-Control
no-store
Vary
Accept, Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
style.css
citigymhappyrun.myruntime.com/css/ 		770 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/css/style.css
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a66baa1c34213597abdfa6b95916244793a0f65c4f1bac4ed4eaf2f52f5a814e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"302-191d89d1120"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
text/css; charset=UTF-8
Last-Modified
Mon, 09 Sep 2024 21:07:37 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
simple-nav-menu.css
citigymhappyrun.myruntime.com/components/navMenu/dist/styles/ 		496 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/components/navMenu/dist/styles/simple-nav-menu.css
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ee7f55fdd2d9c48e75fd36c0dfe63da3a8de4c4d3cf3eb2e4ec4ae7603526e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"7bfc0-192e14e6a3e"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
text/css; charset=UTF-8
Last-Modified
Thu, 31 Oct 2024 06:41:05 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
online-reg-2024.css
citigymhappyrun.myruntime.com/components/onlineReg/dist/styles/ 		1 MB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/components/onlineReg/dist/styles/online-reg-2024.css
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ab3ff5020e8b041f9a3b35d0af658f3daeebdd532e44a5cd65d3d75e4aac3e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"11e8c7-19306f1cddb"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
text/css; charset=UTF-8
Last-Modified
Thu, 07 Nov 2024 14:05:30 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
vendor.js
citigymhappyrun.myruntime.com/components/resources/dist/ 		226 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/components/resources/dist/vendor.js
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8cb5573688e81742b95c36b16c7f6d33f8d93f0fcfb796a98bb96f050e3fd765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"38733-17c3a4c967b"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Fri, 01 Oct 2021 05:21:10 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
simple-nav-menu.js
citigymhappyrun.myruntime.com/components/navMenu/dist/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/components/navMenu/dist/simple-nav-menu.js
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5fbf3a136b38380447a8474ad4d32b696518ae9cfc5a59f490de46585f9630b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"18993-19329666fc3"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Thu, 14 Nov 2024 06:39:59 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
online-reg-2024.js
citigymhappyrun.myruntime.com/components/onlineReg/dist/ 		2 MB
388 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/components/onlineReg/dist/online-reg-2024.js
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
519de7464af9ab14d7b2bd541291c10ee50deb4b027ab9f48969e77a69761179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"19476a-19306f1cdb7"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Thu, 07 Nov 2024 14:05:30 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
css2
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
688d6577ebeea79fd6e9ab9d09f9ac69a2cca4e6f2060776e9326aba482176bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 12:06:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 12:06:16 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 10:07:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
citigymhappyrun.myruntime.com/css/ 		770 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/css/style.css
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a66baa1c34213597abdfa6b95916244793a0f65c4f1bac4ed4eaf2f52f5a814e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"302-191d89d1120"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
text/css; charset=UTF-8
Last-Modified
Mon, 09 Sep 2024 21:07:37 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
HAPPY-LOGO.jpg
citigymhappyrun.myruntime.com/images/citigym/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigymhappyrun.myruntime.com/images/citigym/HAPPY-LOGO.jpg
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
58554e8cad01aff4b4ff915af9c1f62cc38c203949a119093111d146a7d01ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
ETag
W/"1a7b5-193bfe6aa71"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:16 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 13 Dec 2024 12:03:05 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
Content-Length
108469
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://citigymhappyrun.myruntime.com
Referer
https://fonts.googleapis.com/

Response headers

age
342941
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 12:50:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 12:50:35 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
citigym-happy-run-2025
citigymhappyrun.myruntime.com/appEventsService/api/v1/getAppEventDetails/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/appEventsService/api/v1/getAppEventDetails/citigym-happy-run-2025?userAgent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/components/resources/dist/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
df692ce35d718d80d5ca42d0ed6ec4046f27179460be024642e4b5b7f3c955ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
Content-Encoding
gzip
ETag
W/"3dbe-SrB2qHw+I6WeA1WVckXv/133Z2w"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:17 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
favicon.png
citigymhappyrun.myruntime.com/images/citigym/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://citigymhappyrun.myruntime.com/images/citigym/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.25.1 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ed01eec5fa2013d60cee5fec621dbd2a19a6c29c806b04f607f5c0ddc43cc66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/register

Response headers

Surrogate-Control
no-store
ETag
W/"13e6-193bfe6aa71"
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Expires
0
Date
Fri, 13 Dec 2024 12:06:17 GMT
Content-Type
image/png
Last-Modified
Fri, 13 Dec 2024 12:03:05 GMT
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Download-Options
noopen
Accept-Ranges
bytes
Content-Length
5094
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0 (Ubuntu)
page.php
www.facebook.com/plugins/ Frame 4C81 		0
0
page.php
www.facebook.com/plugins/ Frame D6BD 		0
0
page.php
www.facebook.com/plugins/ Frame 4C81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=328&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/components/resources/dist/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.13.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigymhappyrun.myruntime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 12:06:18 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447866612048649228"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447866612048649228", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4775, tp=15, tpl=0, uplat=246, ullat=0
x-fb-debug
9qEdKQTgb0GSYSep9BKVApd/1HzWbu2tmgAVJr8qnK/QGFpCEUK0CKdljUpZHi6T2nszCH/K+BjdWwESurAP7A==
x-xss-protection
0
page.php
www.facebook.com/plugins/ Frame D6BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=328&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: citigymhappyrun.myruntime.com
URL: https://citigymhappyrun.myruntime.com/components/resources/dist/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.13.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citigymhappyrun.myruntime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 12:06:18 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447866617268368772"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447866617268368772", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=38, mss=1232, tbw=22647, tp=34, tpl=0, uplat=246, ullat=0
x-fb-debug
UsgkR+64e7DZSRjWEDVGC0mB+SiQB9SGTPzCYWiwabwyqQNty3eSSGu6Usql9M62wVaBiP1Rw0ehJML/u2TNUg==
x-xss-protection
0
citigym-happy-run-2025-1734089589584-HAPPY-BANNER-PC.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089589584-HAPPY-BANNER-PC.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
935af6e0dc347328236974fcc23f32f56c72022e2285e1eed36093d5a0513641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257240
ETag
01cfe2ad343a3d4339240b6aad0fba24
X-Timestamp
1734089589.92003
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:33:38 GMT
Accept-Ranges
bytes
X-Trans-Id
txeec44de8c6874ff3a317f-00675c1b7bsyd2
Content-Length
198614
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:10 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089591349-HAPPY-LOGO-V2_400.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089591349-HAPPY-LOGO-V2_400.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbb188dc6d71047c3ea1d326281374f34f02851beb7d1ae48ab8dc0295979647

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257274
ETag
3f576e3d712f48ce21fed67ffeaa84b9
X-Timestamp
1734089591.68884
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:34:12 GMT
Accept-Ranges
bytes
X-Trans-Id
txdf6b0e305b25473399c21-00675c1b7bsyd2
Content-Length
145962
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:12 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089582365-HAPPY-POSTER.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089582365-HAPPY-POSTER.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9ff18aa604669bbc258aa2a0bcac544a144ca482f446d18c3b4211d4c5b2340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257270
ETag
e60609f12b29ab302b7ec1443eb21135
X-Timestamp
1734089583.45547
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:34:08 GMT
Accept-Ranges
bytes
X-Trans-Id
txe42739fef527454d84bdb-00675c1b7bsyd2
Content-Length
210780
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:04 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089584198-HAPPY-SINGLET.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089584198-HAPPY-SINGLET.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0cd4227e54ee240ab3f2d6cab5fcc0629ce03a7811e5a1638b02dc251eb6c5f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257266
ETag
e4cd6bd37f0154306ce5c8b381e9ebf5
X-Timestamp
1734089584.53798
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:34:04 GMT
Accept-Ranges
bytes
X-Trans-Id
txe27b8e56fc7a454b86e06-00675c1b7bsyd2
Content-Length
213094
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:05 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089585866-HAPPY-RACESHIRT.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089585866-HAPPY-RACESHIRT.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1980019363d4abea25ed44ec508dbf974662fe5bb74930b3c7ceda7b8a0a607

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257203
ETag
1591a22e1043aafa93c3d7fa04c000db
X-Timestamp
1734089586.19746
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:33:01 GMT
Accept-Ranges
bytes
X-Trans-Id
tx766a2c63210048ada8aef-00675c1b7bsyd2
Content-Length
191743
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:07 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089587077-HAPPY-RACESHIRT-BACK.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089587077-HAPPY-RACESHIRT-BACK.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93cf93a99dad2f7f881c7e3febc8af356e3aac2cec9526678f111018e9f0c945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257158
ETag
b6fb0fc86d1997c8deed3ee563dab3b3
X-Timestamp
1734089587.31174
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:32:16 GMT
Accept-Ranges
bytes
X-Trans-Id
txaf3a47511dc642899b1ff-00675c1b7csyd2
Content-Length
208491
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:08 GMT
Content-Type
image/jpeg
citigym-happy-run-2025-1734089588026-HAPPY-SLOGAN.jpg
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com/31fa8/citigym-happy-run-2025-1734089588026-HAPPY-SLOGAN.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.41.79.239 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-79-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07213c38f3c568337bca733ee987acdba0dcd1e15623515753fb097cbf9077d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://citigymhappyrun.myruntime.com/

Response headers

Cache-Control
public, max-age=257169
ETag
992f29009391435845be53d0e22c0a88
X-Timestamp
1734089588.26103
Connection
keep-alive
Expires
Mon, 16 Dec 2024 11:32:27 GMT
Accept-Ranges
bytes
X-Trans-Id
tx0fd5258c0add4488a4b8f-00675c1b7csyd2
Content-Length
201996
Date
Fri, 13 Dec 2024 12:06:18 GMT
Last-Modified
Fri, 13 Dec 2024 11:33:09 GMT
Content-Type
image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=100%&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/CITIGYM/&tabs=timeline&width=100%&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| link object| ihreg object| ihnav function| setImmediate function| clearImmediate function| Vue object| VueRouter object| Vuex function| axios object| toastr object| FontAwesomeConfig object| ___FONT_AWESOME___ function| Cleave object| __core-js_shared__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citigymhappyrun.myruntime.com
de3ff85059905be27731-aaefc4ed03b466f4ef3fd50b219a58e1.ssl.cf4.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
www.facebook.com
www.facebook.com
142.251.10.94
142.251.175.95
157.240.13.35
174.138.25.1
23.41.79.239
07213c38f3c568337bca733ee987acdba0dcd1e15623515753fb097cbf9077d3
0cd4227e54ee240ab3f2d6cab5fcc0629ce03a7811e5a1638b02dc251eb6c5f7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
519de7464af9ab14d7b2bd541291c10ee50deb4b027ab9f48969e77a69761179
58554e8cad01aff4b4ff915af9c1f62cc38c203949a119093111d146a7d01ce8
5fbf3a136b38380447a8474ad4d32b696518ae9cfc5a59f490de46585f9630b5
688d6577ebeea79fd6e9ab9d09f9ac69a2cca4e6f2060776e9326aba482176bd
75e656f220672a86b6b0ef5fee66a88f4841b9157f8e5d1c94dc1312c63723ab
7ab3ff5020e8b041f9a3b35d0af658f3daeebdd532e44a5cd65d3d75e4aac3e4
7ed01eec5fa2013d60cee5fec621dbd2a19a6c29c806b04f607f5c0ddc43cc66
8cb5573688e81742b95c36b16c7f6d33f8d93f0fcfb796a98bb96f050e3fd765
935af6e0dc347328236974fcc23f32f56c72022e2285e1eed36093d5a0513641
93cf93a99dad2f7f881c7e3febc8af356e3aac2cec9526678f111018e9f0c945
a66baa1c34213597abdfa6b95916244793a0f65c4f1bac4ed4eaf2f52f5a814e
a9ff18aa604669bbc258aa2a0bcac544a144ca482f446d18c3b4211d4c5b2340
b1980019363d4abea25ed44ec508dbf974662fe5bb74930b3c7ceda7b8a0a607
df692ce35d718d80d5ca42d0ed6ec4046f27179460be024642e4b5b7f3c955ef
ee7f55fdd2d9c48e75fd36c0dfe63da3a8de4c4d3cf3eb2e4ec4ae7603526e16
fbb188dc6d71047c3ea1d326281374f34f02851beb7d1ae48ab8dc0295979647