citigrand-q2.com Open in urlscan Pro
172.96.191.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.citigrand-q2.bds24hsaigon.com/
Effective URL:
https://citigrand-q2.com/
Submission: On August 01 via automatic, source certstream-suspicious (August 1st 2020, 7:33:19 pm UTC)

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 40 HTTP transactions. The main IP is 172.96.191.182, located in Fergus, Canada and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is citigrand-q2.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 1st 2020. Valid for: 3 months.

This is the only time citigrand-q2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	172.96.191.182 172.96.191.182	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3	2606:4700:303... 2606:4700:3036::6812:2b05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3033::681c:168a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	210.211.116.252 210.211.116.252	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
7	125.212.217.61 125.212.217.61	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
40	12

11 172.96.191.182 (Fergus, Canada) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.182-static.reverse.arandomserver.com

www.citigrand-q2.bds24hsaigon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
citigrand-q2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6812:2b05 (United States)

ASN13335 (CLOUDFLARENET, US)

uhchat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::681c:168a (United States)

ASN13335 (CLOUDFLARENET, US)

c.trazk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.211.116.252 (Ho Chi Minh City, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

localapi.trazk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 125.212.217.61 (Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

themes.trazk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	trazk.com c.trazk.com localapi.trazk.com themes.trazk.com	81 KB
10	citigrand-q2.com citigrand-q2.com	1 MB
4	googleadservices.com www.googleadservices.com	25 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	uhchat.net uhchat.net	9 KB
2	google.de www.google.de	646 B
2	google.com 2 redirects www.google.com	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	19 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	bds24hsaigon.com 1 redirects www.citigrand-q2.bds24hsaigon.com	272 B
40	11

	Domain	Requested by
10	citigrand-q2.com	citigrand-q2.com
8	c.trazk.com	www.googletagmanager.com c.trazk.com ajax.googleapis.com
7	themes.trazk.com	c.trazk.com themes.trazk.com ajax.googleapis.com
4	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com c.trazk.com
3	uhchat.net	citigrand-q2.com uhchat.net
2	localapi.trazk.com	ajax.googleapis.com
2	www.google.de	citigrand-q2.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	ajax.googleapis.com	c.trazk.com
1	stats.g.doubleclick.net	citigrand-q2.com
1	www.googletagmanager.com	citigrand-q2.com
1	www.citigrand-q2.bds24hsaigon.com	1 redirects
40	14

This site contains links to these domains. Also see Links.

Domain
www.cosaco.com.vn
zalo.me

Subject Issuer	Validity	Valid
citigrand-q2.bds24hsaigon.com Let's Encrypt Authority X3	`2020-06-01` - `2020-08-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-31` - `2021-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
localapi.trazk.com GoGetSSL RSA DV CA	`2019-10-04` - `2021-10-03`	2 years	crt.sh
themes.trazk.com GoGetSSL RSA DV CA	`2020-06-14` - `2020-09-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://citigrand-q2.com/
Frame ID: 0BC1A68F24B77F3A3C3242E521EF6CAC
Requests: 54 HTTP requests in this frame

Frame: https://uhchat.net/chat/?f=ed34e8&title=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand-q2.com%2F&ref=
Frame ID: 9A22FD72966C9C6C80FABDE1133C596F
Requests: 1 HTTP requests in this frame

Frame: https://c.trazk.com/v1.syncok.php?regid=&gclid=
Frame ID: 713450D9EFAB0BC05EC8AE231373BE09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.citigrand-q2.bds24hsaigon.com/ HTTP 301
https://citigrand-q2.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

1278 kB
Transfer

2111 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cosaco.com.vn/
Title: xem thêm

Search URL Search Domain Scan URL

URL: https://zalo.me/0917681293
Title: Liên lạc qua Zalo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.citigrand-q2.bds24hsaigon.com/ HTTP 301
https://citigrand-q2.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=110851856&t=pageview&_s=1&dl=https%3A%2F%2Fcitigrand-q2.com%2F&ul=en-us&de=UTF-8&dt=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=2030642525&gjid=622453941&cid=1369463656.1596310377&tid=UA-144522217-6&_gid=1596702931.1596310377&_r=1&gtm=2wg7m1538PQ6M&z=1222673834 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-6&cid=1369463656.1596310377&jid=2030642525&_gid=1596702931.1596310377&gjid=622453941&_v=j83&z=1222673834

Request Chain 30

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=aMMlX9PJKaKe7_UP_rWR0AM&sscte=1&crd=&eitems=ChAI8KWU-QUQm5qCju2MxPQSEh0AnVdh0BuaV3xLxwZCGaiJX3XsaWlQ7M2jEbMm4Q HTTP 302
https://www.google.com/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aMMlX9PJKaKe7_UP_rWR0AM&eitems=ChAI8KWU-QUQm5qCju2MxPQSEh0AnVdh0G2BJ1pFALoZNgheE_QJl2Q81Wye9hNAmA&random=1891270351&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aMMlX9PJKaKe7_UP_rWR0AM&eitems=ChAI8KWU-QUQm5qCju2MxPQSEh0AnVdh0G2BJ1pFALoZNgheE_QJl2Q81Wye9hNAmA&random=1891270351&resp=GooglemKTybQhCsO&ipr=y

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=a8MlX8-7KYqO7_UP47qT2A0&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=a8MlX8-7KYqO7_UP47qT2A0&random=3523948675&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=a8MlX8-7KYqO7_UP47qT2A0&random=3523948675&resp=GooglemKTybQhCsO&ipr=y

40 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
citigrand-q2.com/
Redirect Chain

https://www.citigrand-q2.bds24hsaigon.com/
https://citigrand-q2.com/

86 KB
17 KB

1088ms
1069ms

Document
text/html

172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.2.32
Resource Hash: da4dce76690750fd992daa5b243016dcce1dc894bf75e9bd882ad1568ede0515

Request headers

:method: GET
:authority: citigrand-q2.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
x-powered-by: PHP/7.2.32
content-type: text/html; charset=UTF-8
link: <https://citigrand-q2.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Aug 2020 19:32:55 GMT
server: LiteSpeed

Redirect headers

status: 301
x-powered-by: PHP/7.2.32
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://citigrand-q2.com/
content-length: 0
date: Sat, 01 Aug 2020 19:32:54 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/ 188 KB
33 KB 168ms
168ms Stylesheet
text/css 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 16eb8e8ca68fc9640c7825e2912bc9663880965ea75ece3dd028692bfa7afdd3

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: br
last-modified: Mon, 20 Jul 2020 02:45:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34132
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js Show response
citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/ 105 KB
36 KB 322ms
321ms Script
application/javascript 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5aef3a302e5f4a9ac3b4854fe9b37b4114a04589029e3f69a65ea5d260c77a0b

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: br
last-modified: Mon, 20 Jul 2020 02:45:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 36301
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 logo-citigrand.png
citigrand-q2.com/wp-content/uploads/2020/05/ 13 KB
14 KB 166ms
165ms Image
image/png 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citigrand-q2.com/wp-content/uploads/2020/05/logo-citigrand.png
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e3481e467134fa6f1f60da87314336e899dcb9481f7879fd447251aadb582935

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Tue, 09 Jun 2020 02:45:02 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13808
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 delete-sign.png
citigrand-q2.com/wp-content/plugins/wp-contact-slider/img/ 838 B
902 B 169ms
168ms Image
image/png 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citigrand-q2.com/wp-content/plugins/wp-contact-slider/img/delete-sign.png
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f17164d39bdf624fd93d1a3ce6f7a50e4848f1ba85abb5abc0e94f5caf79026e

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Wed, 20 May 2020 16:44:56 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 838
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 code.php Show response
uhchat.net/ 2 KB
1 KB 448ms
431ms Script
text/html 2606:4700:3036::6812:2b05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uhchat.net/code.php?f=ed34e8
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b2dcf638a6080162938835d615ac49eaec12851ea616344713573068bd2982b

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
status: 200
cf-ray: 5bc1fcec8d73dfb7-FRA
cf-request-id: 044d1c67d20000dfb70287d200000001

GET
H2 200 footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js Show response
citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/ 232 KB
65 KB 170ms
169ms Script
application/javascript 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 6e118352a7aa5decff98701d6440f4c8c50c57868b55319eb41c8781c4df696a

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: br
last-modified: Mon, 20 Jul 2020 02:45:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 66498
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
27 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-538PQ6M

Requested by

Host: citigrand-q2.com
URL: https://citigrand-q2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

844ce3066943e4c7c1f279312b5ee643f5bd2b1f3584bb6bee9cd1265fd177a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27082
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Aug 2020 19:32:56 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89967ffc1b63ebdb8b541d361205ed603b7949d7e3445be94bba2ea77fed6a26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24d5dd213e8233a226357e6a375f5dbe161d246be65fe75d8536bca5ef18bfe5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d24481ad9790edaff8e5d9587fb445846ef4d82130d59773e9ed602f5bd3ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac0d4221b3719cc1be1df58e2c57a8821abf37b247c60095374b9c113ae5c515

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c32decf0c5d56b9747d14290edb9d779c234798820ff043272f0834b58c76ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cad472735192b57dbd97425e4c1fe844b2b260623b3aa23f990f1699fec2faa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d413e7626f3cf55ef507c5b32b514aaafc318a84a2456d2dfdac844b03ab08b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3489caa49670a556ef320d02cbdb449c15d4f1d93c6697914b8edb810e386d21

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfbb565655b81d226e060a8c4e88854a406c6d8f739d5c283a3b64c090f9ba73

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a192f04b288f5177a4fa5d9b378e63ae7ed9b873663609a2fd58e209630f627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f5af67f3d67b997024fd8983f96ebe2e725dc7a6e93901b2df14459470d21d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc0b877f420cc481e8499d66d02a97d9e1eef11309db0f03666416132aed22e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90a25f1c70da859bd8b02ef32bd249523e768b797854a8584ad2d6bdc3da370a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d7684a8e1cf5d57b58ed3b0cf4c51ef136d851c6955226b0acf2c1ba4bafdb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef92f6e1fa52b85237de280341403829010d588869f931af932a9fe42d551c4b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 slide3-1024x427.jpg
citigrand-q2.com/wp-content/uploads/2020/05/ 112 KB
112 KB 166ms
166ms Image
image/jpeg 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citigrand-q2.com/wp-content/uploads/2020/05/slide3-1024x427.jpg
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 1db22928209a8298a50f98ae7a3ffb05c9ddbdea1a134ac3bcda958a991e860e

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Tue, 09 Jun 2020 02:39:21 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 114842
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 fl-icons.woff2
citigrand-q2.com/wp-content/themes/flatsome/assets/css/icons/ 6 KB
6 KB 276ms
276ms Font
font/woff2 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://citigrand-q2.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
Origin: https://citigrand-q2.com

Response headers

status: 200
date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Fri, 07 Feb 2020 02:12:30 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 6128
content-type: font/woff2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-538PQ6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4637
date: Sat, 01 Aug 2020 18:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 01 Aug 2020 20:15:39 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 84ms
34ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-538PQ6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11323
x-xss-protection: 0
server: cafe
etag: 17153042000983114910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Aug 2020 19:32:56 GMT

GET
H2 200 c.js Show response
c.trazk.com/ 7 KB
3 KB 498ms
453ms Script
application/javascript 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-538PQ6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c457fdd887fca922cc4047dea0f6ac5b2c11fc6c696d7b672702639cb55ff867

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:57 GMT
content-encoding: br
status: 200
cf-cache-status: MISS
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5bc1fceded58978a-FRA
cf-request-id: 044d1c68b00000978a8ab00200000001

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=110851856&t=pageview&_s=1&dl=https%3A%2F%2Fcitigrand-q2.com%2F&ul=en-us&de=UTF-8&dt=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-6&cid=1369463656.1596310377&jid=2030642525&_gid=1596702931.1596310377&gjid=622453941&_v=j83&z=1222673834

35 B
421 B

48ms
16ms

Image
image/gif

2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-6&cid=1369463656.1596310377&jid=2030642525&_gid=1596702931.1596310377&gjid=622453941&_v=j83&z=1222673834

Requested by

Host: citigrand-q2.com
URL: https://citigrand-q2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 01 Aug 2020 19:32:56 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144522217-6&cid=1369463656.1596310377&jid=2030642525&_gid=1596702931.1596310377&gjid=622453941&_v=j83&z=1222673834
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/624979110/ 2 KB
1 KB 34ms
34ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/624979110/?random=1596310376664&cv=9&fst=1596310376664&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcitigrand-q2.com%2F&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

6b309e222dbe169fdf75968a4b93d83927737f4623967a28cb5cadf19e134ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/624979110/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.com/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
https://www.google.de/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...

42 B
539 B

39ms
19ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aMMlX9PJKaKe7_UP_rWR0AM&eitems=ChAI8KWU-QUQm5qCju2MxPQSEh0AnVdh0G2BJ1pFALoZNgheE_QJl2Q81Wye9hNAmA&random=1891270351&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: citigrand-q2.com
URL: https://citigrand-q2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/624979110/?random=509208064&cv=9&fst=*&num=1&value=0&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aMMlX9PJKaKe7_UP_rWR0AM&eitems=ChAI8KWU-QUQm5qCju2MxPQSEh0AnVdh0G2BJ1pFALoZNgheE_QJl2Q81Wye9hNAmA&random=1891270351&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
uhchat.net/chat/ Frame 9A22 0
0 418ms
418ms Document
text/html 2606:4700:3036::6812:2b05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uhchat.net/chat/?f=ed34e8&title=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand-q2.com%2F&ref=
Requested by: Host: uhchat.net
URL: https://uhchat.net/code.php?f=ed34e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: uhchat.net
:scheme: https
:path: /chat/?f=ed34e8&title=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&parent=https%3A%2F%2Fcitigrand-q2.com%2F&ref=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citigrand-q2.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=f1759db975bc2c7c2ef9e69dcbb48995cdb71421-1596310376-1800-ASLR1Fcok19mXZuTInBWbANDnrR6WAI2sdPoFVP32zDsRVCoHBV/Mi55bldXT2cYVCfEJ4q9W1f2rT4XXOZSCL0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://citigrand-q2.com/

Response headers

status: 200
date: Sat, 01 Aug 2020 19:32:57 GMT
content-type: text/html
set-cookie: __cfduid=d6fa3fd89847525341ae6ccc84dc6cbe41596310376; expires=Mon, 31-Aug-20 19:32:56 GMT; path=/; domain=.uhchat.net; HttpOnly; SameSite=Lax thoigianvaoed34e8=1596310377; expires=Sun, 02-Aug-2020 19:32:57 GMT chattudonged34e8=1596310377; expires=Sat, 01-Aug-2020 20:32:57 GMT
expires: Sat, 01 Jan 2005 00:00:00 GMT
last-modified: Sat, 01 Aug 2020 19:32:57GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 044d1c69850000dfb70289a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bc1fcef3b51dfb7-FRA
content-encoding: br

GET
H2 200 chat-11.png
uhchat.net/themes/ 8 KB
8 KB 12ms
11ms Image
image/png 2606:4700:3036::6812:2b05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhchat.net/themes/chat-11.png
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
cf-cache-status: HIT
age: 32274762
status: 200
content-length: 7784
cf-request-id: 044d1c69930000dfb70289b200000001
last-modified: Mon, 18 Jul 2016 03:54:30 GMT
server: cloudflare
etag: "578c52f6-1e68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5bc1fcef5b81dfb7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ajax-loader.gif
citigrand-q2.com/wp-content/plugins/contact-form-7/images/ 847 B
912 B 165ms
165ms Image
image/gif 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citigrand-q2.com/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/footer-cd002d47eb3fdc5165ffc5a81385c60d17033285.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-0ed093a25f487c1520cc7e5094a58b9da743e9d7.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Wed, 20 May 2020 05:46:56 GMT
server: LiteSpeed
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 847
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 6532865c6dff95a1ccee.jpg
citigrand-q2.com/wp-content/uploads/2020/05/ 801 KB
802 KB 165ms
165ms Image
image/jpeg 172.96.191.182
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citigrand-q2.com/wp-content/uploads/2020/05/6532865c6dff95a1ccee.jpg
Requested by: Host: citigrand-q2.com
URL: https://citigrand-q2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.182 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.182-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 157bcd0a28191c0042b9412849f5bd6d777888efce78adbaa3195672fdedf14c

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:56 GMT
last-modified: Tue, 09 Jun 2020 02:38:41 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 820299
expires: Sat, 08 Aug 2020 19:32:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 16:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357841
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 16:08:56 GMT

GET
H/1.1 200
OK convert.php Show response
localapi.trazk.com/widgets/api/ 31 B
399 B 937ms
471ms XHR
text/html 210.211.116.252
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://localapi.trazk.com/widgets/api/convert.php?task=all&domain=citigrand-q2.com

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.211.116.252 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

nginx /

Resource Hash

e67fb2ad31203de5a297033097a1442773c823ff6dc71f7fb26353e46270538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:32:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 v1.syncok.php
c.trazk.com/ Frame 7134 0
0 463ms
463ms Document
text/html 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/v1.syncok.php?regid=&gclid=

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: c.trazk.com
:scheme: https
:path: /v1.syncok.php?regid=&gclid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citigrand-q2.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://citigrand-q2.com/

Response headers

status: 200
date: Sat, 01 Aug 2020 19:32:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7f8cb78aef20502a4684e0014bb8cb391596310377; expires=Mon, 31-Aug-20 19:32:57 GMT; path=/; domain=.trazk.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://c.trazk.com *
x-frame-options: ALLOWALL
cf-cache-status: DYNAMIC
cf-request-id: 044d1c6aa50000978a8ab1b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bc1fcf10815978a-FRA
content-encoding: br

GET
H2 200 v2.ick.php Show response
c.trazk.com/ 1 B
385 B 482ms
465ms XHR
text/html 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/v2.ick.php?k=b3duZXJJZD02MzI0MyZ1dWlkPTIwOTQxNDAyOTgxNTk2MzEwMzc3JnRpdGxlPUNJVEklMjBHUkFORCUyMC0lMjBDaGklQ0MlODklMjBUJUM2JUIwJUNDJTgwJTIwMiUyQzElMjBUeSVDQyU4OSUyMC0lMjBDJUM0JTgzbiUyMEglQzMlQjQlQ0MlQTMlMjBUYSVDQyVBM2klMjAlQzQlOTAlQzMlQjQlMjBUaGklQ0MlQTMlMjBLaSVDMyVBQSVDQyU4MW4lMjBBJUNDJTgxJTIwLSUyMENoaSVDQyU4OSUyMHQlQzYlQjAlQ0MlODAlMjAyJTJDMSUyMHR5JUNDJTg5LiZocmVmPWh0dHBzJTNBJTJGJTJGY2l0aWdyYW5kLXEyLmNvbSUyRiZ0b3BkPWNpdGlncmFuZC1xMi5jb20mbWV0YWRhdGE9JnV0bV9zb3VyY2U9JnV0bV9tZWRpdW09JnV0bV9jYW1wYWlnbj0mZ2NsaWQ9

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:58 GMT
content-encoding: br
status: 200
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 5bc1fcf769b405ed-FRA
cf-request-id: 044d1c6e9f000005edb48bc200000001

GET
H2 200 widgetLoader.min.js Show response
c.trazk.com/widgets/clients/ 43 KB
10 KB 440ms
440ms Script
application/javascript 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/widgets/clients/widgetLoader.min.js?uuid=&hostname=citigrand-q2.com

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba1384100563186a5d399248333ddd3ac59a0b39d313b5b7da4f4cf2e5c67915

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:58 GMT
content-encoding: br
cf-cache-status: MISS
status: 200
cf-request-id: 044d1c6e8f0000978a8ab51200000001
pragma: public
last-modified: Fri, 22 May 2020 06:41:26 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"5ec77416-ab87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5bc1fcf74d5e978a-FRA
expires: Mon, 31 Aug 2020 19:32:58 GMT

GET
H2 301 __citigrand-q2.com__.js Show response
c.trazk.com/widgets/clients/cache/analytics/ 0
72 B 567ms
567ms Script
text/html 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/widgets/clients/cache/analytics/__citigrand-q2.com__.js

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:59 GMT
status: 301
cf-cache-status: MISS
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5bc1fcfa1fab978a-FRA
cf-request-id: 044d1c704b0000978a8ab67200000001

GET
H2 301 __citigrand-q2.com__.js Show response
c.trazk.com/widgets/clients/cache/conversion/ 0
98 B 444ms
444ms Script
text/html 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/widgets/clients/cache/conversion/__citigrand-q2.com__.js

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:59 GMT
status: 301
cf-cache-status: MISS
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5bc1fcfa1fac978a-FRA
cf-request-id: 044d1c704b0000978a8ab68200000001

GET
H/1.1 200
OK index.php Show response
localapi.trazk.com/widgets/api/ 6 KB
2 KB 892ms
891ms XHR
text/html 210.211.116.252
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://localapi.trazk.com/widgets/api/index.php?task=loadOnlineWidgetByDomain&domain=citigrand-q2.com

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.211.116.252 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

nginx /

Resource Hash

f6b6960abf91f418f0e9fd7c4f96834f5cc7727a663ac4b1ca8de435b848dff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:32:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 c-c.js Show response
c.trazk.com/ 299 B
372 B 545ms
544ms Script
application/javascript 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/c-c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2820d01cf08a8da6f7b0e9319a61096564180ef9ccf167cba63ac5dace4096

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:59 GMT
content-encoding: br
status: 200
cf-cache-status: MISS
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 5bc1fcfd3a2d978a-FRA
access-control-allow-headers: *
cf-request-id: 044d1c72460000978a8ab85200000001

GET
H/1.1 200
OK script.js Show response
themes.trazk.com/004/maxLead-v2c/js/ 49 KB
9 KB 691ms
227ms Script
application/javascript 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js
Requested by: Host: c.trazk.com
URL: https://c.trazk.com/c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2cb51f98a0d6862d1a155a8f4f97987bab160fe5976c2724a3e7e175f4abecd4

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 02:39:59 GMT
Server: nginx
ETag: W/"5ee1997f-c335"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 33ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: c.trazk.com
URL: https://c.trazk.com/c-c.js?_key=v6NE91YzFUdSs0b000ZkVjOG9iTkUrYlhFeWVVME9OaVZBZ3k4VWdkcmhnaz0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

3065e10621af60d6237dc9d1a2cc1522936f4275061e1b997e8de9cdb7dbfe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11240
x-xss-protection: 0
server: cafe
etag: 11702448950663636464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Aug 2020 19:32:59 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/624979110/ 2 KB
1 KB 30ms
29ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/624979110/?random=1596310379662&cv=9&fst=1596310379662&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcitigrand-q2.com%2F&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

c06866afd635e494df88863dcf61cca3cd41528860100b3e71e41ebcfff7808a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/624979110/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.com/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...
https://www.google.de/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=...

42 B
107 B

25ms
25ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=a8MlX8-7KYqO7_UP47qT2A0&random=3523948675&resp=GooglemKTybQhCsO&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Aug 2020 19:32:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/624979110/?random=725242920&cv=9&fst=*&num=1&label=g6TDCIGpwtMBEKbZgaoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://citigrand-q2.com/&tiba=CITI%20GRAND%20-%20Chi%CC%89%20T%C6%B0%CC%80%202%2C1%20Ty%CC%89%20-%20C%C4%83n%20H%C3%B4%CC%A3%20Ta%CC%A3i%20%C4%90%C3%B4%20Thi%CC%A3%20Ki%C3%AA%CC%81n%20A%CC%81%20-%20Chi%CC%89%20t%C6%B0%CC%80%202%2C1%20ty%CC%89.&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=a8MlX8-7KYqO7_UP47qT2A0&random=3523948675&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK animate.css
themes.trazk.com/005/clickToCall/css/ 57 KB
5 KB 227ms
227ms Stylesheet
text/css 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.trazk.com/005/clickToCall/css/animate.css
Requested by: Host: themes.trazk.com
URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jan 2020 06:52:42 GMT
Server: nginx
ETag: W/"5e2159ba-e311"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ctc_styles.css
themes.trazk.com/005/clickToCall/css/ 4 KB
1 KB 453ms
225ms Stylesheet
text/css 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.trazk.com/005/clickToCall/css/ctc_styles.css
Requested by: Host: themes.trazk.com
URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5cbb8292e4f2286cf49f23bc44e96ad1a780f85c6efca9c55b4dfb0fdb81399d

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jan 2020 06:52:42 GMT
Server: nginx
ETag: W/"5e2159ba-e3c"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.super-sidebar.js Show response
themes.trazk.com/005/clickToCall/js/ 65 KB
13 KB 673ms
235ms Script
application/javascript 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.trazk.com/005/clickToCall/js/jquery.super-sidebar.js
Requested by: Host: themes.trazk.com
URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 43744adae985cf04512091d0bfe6a0bb8c8241fa6c0286d6f2c46c1403fb7f12

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 08:28:54 GMT
Server: nginx
ETag: W/"5e37d9c6-10235"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK velocity.min.js Show response
themes.trazk.com/005/clickToCall/js/ 44 KB
16 KB 888ms
438ms Script
application/javascript 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.trazk.com/005/clickToCall/js/velocity.min.js
Requested by: Host: themes.trazk.com
URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: fc878d154f60d539e3f6938aab78c6808536fe488a4beb7543ba70ca6ee6a680

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 09:14:33 GMT
Server: nginx
ETag: W/"5e1ed7f9-aef7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phone-alt-solid.svg
themes.trazk.com/master/images/svg/ 502 B
718 B 1210ms
758ms Image
image/svg+xml 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.trazk.com/master/images/svg/phone-alt-solid.svg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3e1e4e919d7e9f9d0b1e03369c43b93822b5f9f8f633e46227b7c601b2849f0a

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 03:38:47 GMT
Server: nginx
ETag: W/"5ed71b47-1f6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK zalo-logo.png
themes.trazk.com/master/images/svg/ 19 KB
20 KB 894ms
441ms Image
image/png 125.212.217.61
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.trazk.com/master/images/svg/zalo-logo.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.217.61 , Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9f0522b9b45af994560bc71931e86da19c11f251f0567b02776b73041ccb6b49

Request headers

Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 01 Aug 2020 19:33:00 GMT
Last-Modified: Wed, 03 Jun 2020 03:38:47 GMT
Server: nginx
ETag: "5ed71b47-4cdc"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19676
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v1.updateViewWidget.php Show response
c.trazk.com/ 529 B
567 B 481ms
480ms XHR
text/html 2606:4700:3033::681c:168a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.trazk.com/v1.updateViewWidget.php?k=b3duZXJJZD02MzI0MyZ1dWlkPSZocmVmPWh0dHBzJTNBJTJGJTJGY2l0aWdyYW5kLXEyLmNvbSUyRiZ3aWRnZXRUeXBlPXdpZGdldE1heExlYWQmd2lkZ2V0SWQ9NWVkNGRhMGQwODlmZA==

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:168a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a67597e1596d239ee1dabf782a7d9bf2c42e42ba2af1d85e15ffe9e315a13b39

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Referer: https://citigrand-q2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 19:33:01 GMT
content-encoding: br
status: 200
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 5bc1fd0a5c4405ed-FRA
cf-request-id: 044d1c7a73000005edb49e0200000001

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
c.trazk.com/	1970-01-19 12:08:22	Name: uuid Value: 20941402981596310377
uhchat.net/chat	1970-01-19 11:25:13	Name: chattudonged34e8 Value: 1596310377
uhchat.net/chat	1970-01-19 11:26:36	Name: thoigianvaoed34e8 Value: 1596310377
.uhchat.net/	1970-01-19 11:25:12	Name: __cf_bm Value: f1759db975bc2c7c2ef9e69dcbb48995cdb71421-1596310376-1800-ASLR1Fcok19mXZuTInBWbANDnrR6WAI2sdPoFVP32zDsRVCoHBV/Mi55bldXT2cYVCfEJ4q9W1f2rT4XXOZSCL0=
citigrand-q2.com/	1970-01-19 12:08:22	Name: uuid Value: 20941402981596310377
citigrand-q2.com/	1970-01-19 11:26:36	Name: uhchatrelock Value: 0
.citigrand-q2.com/	1970-01-19 11:25:10	Name: _gat_UA-144522217-6 Value: 1
.citigrand-q2.com/	1970-01-19 11:26:36	Name: _gid Value: GA1.2.1596702931.1596310377
.citigrand-q2.com/	1970-01-20 04:56:22	Name: _ga Value: GA1.2.1369463656.1596310377

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://citigrand-q2.com/wp-content/uploads/cache/fvm/1595213040/out/header-f0058641a050d28b94dd899c6780665c0c05dbf9.min.js(Line 15) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://c.trazk.com/widgets/clients/widgetLoader.min.js?uuid=&hostname=citigrand-q2.com(Line 1) Message: check 1
console-api	log	URL: https://themes.trazk.com/004/maxLead-v2c/js/script.js(Line 339) Message: check mobile bottom

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.trazk.com
citigrand-q2.com
googleads.g.doubleclick.net
localapi.trazk.com
stats.g.doubleclick.net
themes.trazk.com
uhchat.net
www.citigrand-q2.bds24hsaigon.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
125.212.217.61
172.217.16.130
172.96.191.182
210.211.116.252
2606:4700:3033::681c:168a
2606:4700:3036::6812:2b05
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:808::200a
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81c::2002
2a00:1450:400c:c06::9b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
157bcd0a28191c0042b9412849f5bd6d777888efce78adbaa3195672fdedf14c
16eb8e8ca68fc9640c7825e2912bc9663880965ea75ece3dd028692bfa7afdd3
1db22928209a8298a50f98ae7a3ffb05c9ddbdea1a134ac3bcda958a991e860e
24d5dd213e8233a226357e6a375f5dbe161d246be65fe75d8536bca5ef18bfe5
2cb51f98a0d6862d1a155a8f4f97987bab160fe5976c2724a3e7e175f4abecd4
3065e10621af60d6237dc9d1a2cc1522936f4275061e1b997e8de9cdb7dbfe18
33d24481ad9790edaff8e5d9587fb445846ef4d82130d59773e9ed602f5bd3ff
3489caa49670a556ef320d02cbdb449c15d4f1d93c6697914b8edb810e386d21
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3d7684a8e1cf5d57b58ed3b0cf4c51ef136d851c6955226b0acf2c1ba4bafdb3
3e1e4e919d7e9f9d0b1e03369c43b93822b5f9f8f633e46227b7c601b2849f0a
43744adae985cf04512091d0bfe6a0bb8c8241fa6c0286d6f2c46c1403fb7f12
4c32decf0c5d56b9747d14290edb9d779c234798820ff043272f0834b58c76ca
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da
5aef3a302e5f4a9ac3b4854fe9b37b4114a04589029e3f69a65ea5d260c77a0b
5cbb8292e4f2286cf49f23bc44e96ad1a780f85c6efca9c55b4dfb0fdb81399d
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6b309e222dbe169fdf75968a4b93d83927737f4623967a28cb5cadf19e134ace
6e118352a7aa5decff98701d6440f4c8c50c57868b55319eb41c8781c4df696a
6f2820d01cf08a8da6f7b0e9319a61096564180ef9ccf167cba63ac5dace4096
6f5af67f3d67b997024fd8983f96ebe2e725dc7a6e93901b2df14459470d21d5
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ce3066943e4c7c1f279312b5ee643f5bd2b1f3584bb6bee9cd1265fd177a8
89967ffc1b63ebdb8b541d361205ed603b7949d7e3445be94bba2ea77fed6a26
8b2dcf638a6080162938835d615ac49eaec12851ea616344713573068bd2982b
90a25f1c70da859bd8b02ef32bd249523e768b797854a8584ad2d6bdc3da370a
9a192f04b288f5177a4fa5d9b378e63ae7ed9b873663609a2fd58e209630f627
9f0522b9b45af994560bc71931e86da19c11f251f0567b02776b73041ccb6b49
a67597e1596d239ee1dabf782a7d9bf2c42e42ba2af1d85e15ffe9e315a13b39
ac0d4221b3719cc1be1df58e2c57a8821abf37b247c60095374b9c113ae5c515
ba1384100563186a5d399248333ddd3ac59a0b39d313b5b7da4f4cf2e5c67915
c06866afd635e494df88863dcf61cca3cd41528860100b3e71e41ebcfff7808a
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a
c457fdd887fca922cc4047dea0f6ac5b2c11fc6c696d7b672702639cb55ff867
cad472735192b57dbd97425e4c1fe844b2b260623b3aa23f990f1699fec2faa4
cc0b877f420cc481e8499d66d02a97d9e1eef11309db0f03666416132aed22e8
d413e7626f3cf55ef507c5b32b514aaafc318a84a2456d2dfdac844b03ab08b5
da4dce76690750fd992daa5b243016dcce1dc894bf75e9bd882ad1568ede0515
dfbb565655b81d226e060a8c4e88854a406c6d8f739d5c283a3b64c090f9ba73
e3481e467134fa6f1f60da87314336e899dcb9481f7879fd447251aadb582935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67fb2ad31203de5a297033097a1442773c823ff6dc71f7fb26353e46270538d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92f6e1fa52b85237de280341403829010d588869f931af932a9fe42d551c4b
f17164d39bdf624fd93d1a3ce6f7a50e4848f1ba85abb5abc0e94f5caf79026e
f6b6960abf91f418f0e9fd7c4f96834f5cc7727a663ac4b1ca8de435b848dff9
fc878d154f60d539e3f6938aab78c6808536fe488a4beb7543ba70ca6ee6a680
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df

citigrand-q2.com Open in urlscan Pro 172.96.191.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

69 %IPv6

11 Domains

14 Subdomains

12 IPs

5 Countries

1278 kBTransfer

2111 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citigrand-q2.com Open in urlscan Pro
172.96.191.182 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

1278 kB
Transfer

2111 kB
Size

9
Cookies

40 HTTP transactions
16 data transactions