hdsdnoibo.citigym.com.vn Open in urlscan Pro
18.139.62.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hdsdnoibo.citigym.com.vn/
Submission: On August 19 via automatic, source certstream-suspicious (August 19th 2024, 7:03:56 am UTC) — Scanned from SG

Summary HTTP 56 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 56 HTTP transactions. The main IP is 18.139.62.226, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is hdsdnoibo.citigym.com.vn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 19th 2024. Valid for: 3 months.

This is the only time hdsdnoibo.citigym.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.139.62.226 18.139.62.226	16509 (AMAZON-02) (AMAZON-02)
11	13.33.88.65 13.33.88.65	16509 (AMAZON-02) (AMAZON-02)
3	13.228.217.131 13.228.217.131	16509 (AMAZON-02) (AMAZON-02)
2	142.251.175.93 142.251.175.93	15169 (GOOGLE) (GOOGLE)
3	142.251.10.91 142.251.10.91	15169 (GOOGLE) (GOOGLE)
6	157.240.217.15 157.240.217.15	32934 (FACEBOOK) (FACEBOOK)
4	74.125.200.97 74.125.200.97	15169 (GOOGLE) (GOOGLE)
1	13.107.246.59 13.107.246.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	64.233.170.155 64.233.170.155	15169 (GOOGLE) (GOOGLE)
2	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
3	64.233.170.102 64.233.170.102	15169 (GOOGLE) (GOOGLE)
1	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
4	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
3	74.125.130.104 74.125.130.104	15169 (GOOGLE) (GOOGLE)
8	157.240.217.35 157.240.217.35	32934 (FACEBOOK) (FACEBOOK)
1 1	13.228.225.245 13.228.225.245	16509 (AMAZON-02) (AMAZON-02)
56	16

2 18.139.62.226 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-62-226.ap-southeast-1.compute.amazonaws.com

hdsdnoibo.citigym.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.33.88.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-65.sin2.r.cloudfront.net

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.228.217.131 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-217-131.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.93 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f93.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.91 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f91.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.217.15 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-xsp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.170.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f102.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 157.240.217.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-xsp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.225.245 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-225-245.ap-southeast-1.compute.amazonaws.com

static.ladipage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 48331 g.ladicdn.com — Cisco Umbrella Rank: 185150	2 MB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	5 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	192 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	255 KB
5	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	13 KB
4	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11401	778 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	365 KB
3	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 54712	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
1	ladipage.net 1 redirects static.ladipage.net — Cisco Umbrella Rank: 96524	270 B
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114	164 B
1	citigym.com.vn hdsdnoibo.citigym.com.vn	50 KB
56	13

	Domain	Requested by
11	w.ladicdn.com	hdsdnoibo.citigym.com.vn
8	www.facebook.com	hdsdnoibo.citigym.com.vn connect.facebook.net
6	connect.facebook.net	hdsdnoibo.citigym.com.vn g.ladicdn.com connect.facebook.net
5	www.youtube.com	w.ladicdn.com www.youtube.com
4	www.google.com.sg	hdsdnoibo.citigym.com.vn
4	www.googletagmanager.com	g.ladicdn.com hdsdnoibo.citigym.com.vn www.googletagmanager.com
3	www.google.com	hdsdnoibo.citigym.com.vn
3	analytics.google.com	www.googletagmanager.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	a.ladipage.com	w.ladicdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	static.ladipage.net	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.clarity.ms	hdsdnoibo.citigym.com.vn
1	g.ladicdn.com	w.ladicdn.com
1	hdsdnoibo.citigym.com.vn
56	16

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.instagram.com
www.citispa.com.vn

Subject Issuer	Validity	Valid
hdsdnoibo.citigym.com.vn ZeroSSL RSA Domain Secure Site CA	`2024-08-19` - `2024-11-17`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
a.ladipage.com Amazon RSA 2048 M03	`2024-04-17` - `2025-05-16`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
g.ladicdn.com ZeroSSL RSA Domain Secure Site CA	`2024-08-17` - `2024-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com.sg WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://hdsdnoibo.citigym.com.vn/
Frame ID: E50EBC9BE46CAD1E3B1D31C50B0C7E4B
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AZelyD3rYyQ?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=1
Frame ID: FE0C37CC9ADE2F6072D4667A27575153
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/r0D2Usn_8VA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=2
Frame ID: ED36E742818A6BC6D5EAF916AE7FE385
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/itj8Zd6pUY4?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=3
Frame ID: 3FBCCDCA89ACDF89C7C565780EC0FC66
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=412954116600161&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0a3a31329d0f3905%26domain%3Dhdsdnoibo.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhdsdnoibo.citigym.com.vn%252Ff551c1d7a109a7289%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitispa.nailing.hairdressing&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Frame ID: F343C95E2CF6409D98C1358622F2652E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=412954116600161&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1afd9dd1ab9bd0e2%26domain%3Dhdsdnoibo.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhdsdnoibo.citigym.com.vn%252Ff551c1d7a109a7289%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitispavn%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Frame ID: 726A4DC4B6939CA4235A00DFCA30EF3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HDSD NỘI BỘ - GIỚI THIỆU THƯƠNG HIỆU CITIGYM, CITISPA

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

56
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

2950 kB
Transfer

5042 kB
Size

15
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/Citispa/@10.8091143,106.6689755,16.9z/data=!4m5!3m4!1s0x317529ad79413ac7:0xce09484fe4cbd45c!8m2!3d10.809008!4d106.6710872
Title: 130 - 132 Hồng Hà, Phường 9, Quận Phú Nhuận, HCM

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citispa.nailing.hairdressing

Search URL Search Domain Scan URL

URL: https://www.instagram.com/citispa.nailing.hairdressing/

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/cham-soc-co-the
Title: Chăm sóc cơ thể

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/nail
Title: Nails

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/workshop
Title: Workshop

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/giam-beo
Title: Body Shaping

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/lam-dep-da
Title: Làm đẹp da

Search URL Search Domain Scan URL

URL: https://www.citispa.com.vn/massage
Title: Massage

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://static.ladipage.net/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png HTTP 301
https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hdsdnoibo.citigym.com.vn/ 374 KB
50 KB 109ms
9ms Document
text/html 18.139.62.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.139.62.226 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-62-226.ap-southeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

dd64e72671381596989bc4765d7f347aa2b37354aba97cc4c942fd8085dcd526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 19 Aug 2024 07:03:49 GMT
server: openresty
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 377 KB
87 KB 26ms
8ms Script
text/javascript 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1665717529923
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 10878585
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: jrYUe5vaF2gaJhX0tw0ebeac0yk6sL6EOA02d3OWndI_frVtbjrjkw==
expires: Tue, 15 Apr 2025 09:14:04 GMT

GET
H2 200 lexend-bold-20210715091546.ttf
w.ladicdn.com/5e54ce64f4a6442c5ac64044/ 101 KB
102 KB 16ms
9ms Font
font/ttf 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/lexend-bold-20210715091546.ttf
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 6551ff93f3301c38803eb3f360c9d9a43e534558b9609cfdc4371b70f118e4c5

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Origin: https://hdsdnoibo.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 27 May 2024 09:56:40 GMT
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P2
age: 7247229
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: PezZMaiNvnNWTTlooLOpoikq0tg3wR4XDrzFPmJcharuCy_-zw_7IQ==
expires: Tue, 27 May 2025 09:56:39 GMT

GET
H2 200 lexend-semibold-20210715091547.ttf
w.ladicdn.com/5e54ce64f4a6442c5ac64044/ 98 KB
99 KB 23ms
17ms Font
font/ttf 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/lexend-semibold-20210715091547.ttf
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 570763b70a72845e928108dc5a148c22813bc58ace803e196645715305867444

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Origin: https://hdsdnoibo.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 10:20:35 GMT
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P2
age: 74594
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: zIonNqzwxiulp4vHc7UtmN9xoDpkCk5Kzun9uSco6gv29pUgIiY5kg==
expires: Mon, 18 Aug 2025 10:20:35 GMT

GET
H2 200 lexend-regular-20210715091547.ttf
w.ladicdn.com/5e54ce64f4a6442c5ac64044/ 96 KB
97 KB 19ms
14ms Font
font/ttf 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/lexend-regular-20210715091547.ttf
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 147f0e478e4341e1e672e5ac97f2717ff1e4663879e0aa0180d3f032a1d6de1e

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Origin: https://hdsdnoibo.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 17 May 2024 00:37:40 GMT
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P2
age: 8144769
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: OblkSpq0vB0fWFxNtWmCwhKRR_GvUc9Oz4H0H1sfrWn4dBq-oIMm6Q==
expires: Sat, 17 May 2025 00:37:40 GMT

GET
H2 200 nova-service_full-20220404081630.png
w.ladicdn.com/s550x450/5e54ce64f4a6442c5ac64044/ 56 KB
55 KB 1910ms
1907ms Image
image/png 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x450/5e54ce64f4a6442c5ac64044/nova-service_full-20220404081630.png
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: b5bfb23dae0f336b077d08af99a19694667abf292319d36bddc040118e886aa2

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:51 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: HcOAx466wLGJwRIu6kuVaLPl2SL-50tS7fnx5mu6pr0QeXlD86D4EA==
expires: Tue, 19 Aug 2025 07:03:51 GMT

GET
H2 200 logocitigym-nentrang-20201013193635.png
w.ladicdn.com/s550x350/5e54ce64f4a6442c5ac64044/ 7 KB
6 KB 3707ms
3705ms Image
image/png 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x350/5e54ce64f4a6442c5ac64044/logocitigym-nentrang-20201013193635.png
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: df32c6c273de2ac2f5c35c2f279e90d2c4e34a6e07d37c13c7b0886674bfb4b0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:52 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: hTbnqM_6fSm0eXiz-bqjOtzgMxE1U5-txF_tbAGJBCfQcFfdAnkTwQ==
expires: Tue, 19 Aug 2025 07:03:52 GMT

GET
H2 200 logo-citispa-01-1080-20210510115529.png
w.ladicdn.com/s550x450/5e54ce64f4a6442c5ac64044/ 33 KB
32 KB 8ms
6ms Image
image/png 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x450/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 08ae3e61b125c0b0855de9e9bf547f3ada543e5ed7917c85bd590375803c4c8a

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 27 May 2024 09:56:40 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 7247229
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: SGfF0yPz-37ykwRj5jCRGTWGhsmyCzYBIK7gtNbbWFGMJWw4VO3sNA==
expires: Tue, 27 May 2025 09:56:40 GMT

GET
H2 200 chinh-20211201141525.png
w.ladicdn.com/s900x1000/5e54ce64f4a6442c5ac64044/ 904 KB
903 KB 521ms
519ms Image
image/png 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s900x1000/5e54ce64f4a6442c5ac64044/chinh-20211201141525.png
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 88c890a4b6d3c9bf337a0cc5371ce915dd06c655c95ad1ebd4c43b85385e2eda

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: VKkvhlBSDVUrJK9LqhVke5Zb8jQNv8yoLLf_njntr3vWwojd4yepsg==
expires: Tue, 19 Aug 2025 07:03:49 GMT

GET
H2 200 kv1-20211202023112.png
w.ladicdn.com/s1050x800/5e54ce64f4a6442c5ac64044/ 815 KB
813 KB 1912ms
1910ms Image
image/png 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1050x800/5e54ce64f4a6442c5ac64044/kv1-20211202023112.png
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 24d9f7e736b0776c1a40558de4953de36413cba54bc67cfd81c4c6987a75258e

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:51 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: r9cr87n33tBC-5fGqbX5T5RS9hAoHb-gDn1Cv84QOmwL-mpdVxQQZg==
expires: Tue, 19 Aug 2025 07:03:51 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
6 KB 6ms
5ms Stylesheet
text/css 13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1665717529923
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 10878585
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: EkMmti9sz1u0zCvs8XkDYl1HNJxlaKZrSJ_kyDU03u6wpJyjBRvXpQ==
expires: Tue, 15 Apr 2025 09:14:04 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 13ms
3ms Preflight
application/json 13.228.217.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.217.131 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-217-131.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://hdsdnoibo.citigym.com.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Aug 2024 07:03:49 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 125 B
651 B 11ms
10ms XHR
text/plain 13.228.217.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1665717529923

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.217.131 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-217-131.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: c9a9cce0-aa38-4c73-5989-87a536844e8a
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://hdsdnoibo.citigym.com.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 25ms
15ms Script
text/javascript 142.251.175.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1665717529923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.93 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f93.1e100.net

Software

ESF /

Resource Hash

7732d8ecb86efc4dd1cc25f5ec0bc4264b06f8c5eee066483fabfdb6bd8df988

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script'
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 19 Aug 2024 07:03:49 GMT

GET
H2 200 5e54ce64f4a6442c5ac64044-606eaaf8cfc64d001254b2b4.js Show response
g.ladicdn.com/tracking/ 6 KB
2 KB 19ms
5ms Script
application/javascript 18.139.62.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-606eaaf8cfc64d001254b2b4.js?v=1724051029373
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1665717529923
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.62.226 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-62-226.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: ccbf5ff1ad159b93bb9e6f02d7c3fc01aeec5b6040e5fd81e00af126c47075dd

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 03:34:44 GMT
server: openresty
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
statuscode: 200

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/ 31 KB
11 KB 4ms
3ms Script
text/javascript 142.251.175.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.93 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f93.1e100.net

Software

sffe /

Resource Hash

b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 21:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10557
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 04:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Aug 2025 21:54:26 GMT

GET
H2 200 AZelyD3rYyQ
www.youtube.com/embed/ Frame FE0C 0
0 177ms
167ms Document
text/html 142.251.10.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AZelyD3rYyQ?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.91 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f91.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Aug 2024 07:03:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 r0D2Usn_8VA
www.youtube.com/embed/ Frame ED36 0
0 82ms
77ms Document
text/html 142.251.10.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/r0D2Usn_8VA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.91 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f91.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Aug 2024 07:03:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 itj8Zd6pUY4
www.youtube.com/embed/ Frame 3FBC 0
0 86ms
81ms Document
text/html 142.251.10.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/itj8Zd6pUY4?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fhdsdnoibo.citigym.com.vn&widgetid=3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.91 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f91.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Aug 2024 07:03:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 24ms
4ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Aug 2024 07:03:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=16, mss=1380, tbw=2833, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: sIUMwpUHWhdcnfXw8XkvxrGWLpWnIF4CI9wEHX8+Fpa5XHv3N6Wj9JlfgXjZx7zNocJtTCCQONzTHmUo0HIDPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 event Show response
a.ladipage.com/ 35 B
561 B 12ms
4ms XHR
text/plain 13.228.217.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1665717529923

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.217.131 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-217-131.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

54d86716fecee1adf2d23273fe078cab4b7b0db3da3459fa9a42f5312427adf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: c9a9cce0-aa38-4c73-5989-87a536844e8a
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://hdsdnoibo.citigym.com.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 43ms
27ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-606eaaf8cfc64d001254b2b4.js?v=1724051029373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

dafa40a98ac135f950723b958323a754ec50660a15abb918f66f5a16f081fea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Aug 2024 07:03:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
78 KB 38ms
23ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRWXJJF

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5d2c0416b230e7975bc3527a2d9e3b219f78ac09107ab0dcbc34fd3c17c9146f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80028
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Aug 2024 07:03:49 GMT

GET
H2 204 b80fzev226 Show response
www.clarity.ms/tag/ 0
164 B 253ms
228ms Script
text/plain 13.107.246.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/b80fzev226
Requested by: Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
x-azure-ref: 20240819T070349Z-155445f45d7cj6clfkfqqdbk3g00000004yg00000000b8rw
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 32ms
17ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-388455941

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-606eaaf8cfc64d001254b2b4.js?v=1724051029373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

97e380cb065a81a193c7c0d8e091911e53adc13b5b85f66093bf11653ec8c3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85045
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Aug 2024 07:03:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
4 KB 19ms
5ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-606eaaf8cfc64d001254b2b4.js?v=1724051029373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

6d24597c3bd260be5092a8bad3e3dd370dc361ef094e44bd2c2ae1f07890765b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Origin: https://hdsdnoibo.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:03:49 GMT
content-md5: ++TxKbeVcC2fqDEHB2HiTg==
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=16, mss=1380, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: /u91P8Il8APawvX9e/OAuxqFGHc6qLDVfhqNYrnRJsvKVQEf04Ty1vs4trGX67ySKgPLCxkyv2/7u5Gsrze80w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 260a37aa1db48af72d3a78c9eb7085fe
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "19a1619362c068e0a59c54eacac5d1c0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 19 Aug 2024 07:11:41 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 314 KB
90 KB 19ms
7ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

55878d55335be9f879defeb6af4ed0f48e83fd62c22d16699b792193bcceccc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:03:49 GMT
content-md5: 7qvSycrHwtVzSKPYVNtSlQ==
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91626
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=16, mss=1380, tbw=64383, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: g8geeuqdtZQG44zkImlWWS3pEVzjfw13dCZ1c/NnyO/xz327Z+hsrMEpdm/WNQJoLMuXySrA8mhAjys1ZFZqkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: fded6b432308235f72d86a913918d67a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2248df98b8f0077befb1f2620b95fe81"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 19 Aug 2024 07:22:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 300 KB
86 KB 6ms
4ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=c484f94fea82a5bf03d639534045f8fd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

6446985ab81be3a7718c42273e4d7d4d79a4781e607190a2cbd0a1b2f3567920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Origin: https://hdsdnoibo.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:03:49 GMT
content-md5: QT1G4vcXo4pIvSjaq6uAfA==
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87833
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=21, mss=1380, tbw=6663, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: 7gxXmtOWShewN0ZtttRualN6M9HfXuS7Vb20nfEKoehkJdCzUoSeu8b6I+hY/BHHZh/u/Mg3SWKVDYlHuKkWGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ceae406e7d5d765cbc339cf894be54a3
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "71dfa52b78552681829fc954c4291698"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 19 Aug 2025 05:57:03 GMT

GET
H2 200 378748724039178 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 296ms
294ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/378748724039178?v=2.9.164&r=stable&domain=hdsdnoibo.citigym.com.vn&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

5db80e2ef812b7543c6499f223d34dc2c02d30bfc8baf1b4327b967d6e4f84e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Aug 2024 07:03:49 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=132, mss=1380, tbw=156787, tp=-1, tpl=-1, uplat=289, ullat=0
pragma: public
x-fb-debug: 2KIlQeinvT37zjqy8Pjs0mZOaer0Md88yNPIisNPBAcWGfNorNj91kNSaTtCgvRkuMX+OqVeNeXoaECcskz/3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 39ms
19ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-388455941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

42e24790f50e734ecb3ef84fe905345414c24a27f1a903ab77c01aceb5caa56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Aug 2024 07:03:49 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/ 3 KB
1 KB 30ms
17ms Script
text/javascript 64.233.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/?random=1724051029513&cv=11&fst=1724051029513&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-388455941

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

ff289e8fafd052329b7b780899e76f241ab263b042668d6ea3ce0d0f0ed1b849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/ 3 KB
1 KB 27ms
17ms Script
text/javascript 64.233.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/?random=1724051029527&cv=11&fst=1724051029527&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-388455941

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

1e0ff05e5c612dab6e02f1b17bb83782b164743e66d596f1675c62192570cf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/ 3 KB
1 KB 31ms
23ms Script
text/javascript 64.233.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/388455941/?random=1724051029529&cv=11&fst=1724051029529&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-388455941

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

bb3f794cfdd4c2c33d7053ef38b492967220ca1969da2f57a53c38c2dc7daf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1425
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
3ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRWXJJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 06:01:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 19 Aug 2024 08:01:33 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 21ms
3ms Fetch
text/plain 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTR3YGD4ZY&gtm=45je48e0v880687829z8843296806za200zb894328004&_p=1724051029403&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=58071781.1724051030&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724051029&sct=1&seg=0&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&dt=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=525
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdsdnoibo.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 19ms
3ms Ping
text/plain 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YTR3YGD4ZY&cid=58071781.1724051030&gtm=45je48e0v880687829z8843296806za200zb894328004&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdsdnoibo.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 337ms
322ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YTR3YGD4ZY&cid=58071781.1724051030&gtm=45je48e0v880687829z8843296806za200zb894328004&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=2035991846

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 7ms
4ms Fetch
text/plain 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTR3YGD4ZY&gtm=45je48e0v880687829za200zb894328004&_p=1724051029403&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=58071781.1724051030&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1724051029&sct=1&seg=1&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&dt=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&en=page_view&_ee=1&_et=4&tfd=543
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdsdnoibo.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/388455941/ 42 B
64 B 23ms
12ms Image
image/gif 74.125.130.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/388455941/?random=1724051029513&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYCO4c-5yD4ELWcqhe5dEMYO0lED1AA&random=37162331&rmt_tld=0&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/388455941/ 42 B
455 B 9ms
8ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/388455941/?random=1724051029513&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYCO4c-5yD4ELWcqhe5dEMYO0lED1AA&random=37162331&rmt_tld=1&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/388455941/ 42 B
64 B 17ms
10ms Image
image/gif 74.125.130.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/388455941/?random=1724051029527&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfJpnjX6zz8tsnuPwd5GhAFhNZ3RKxKw&random=3809937097&rmt_tld=0&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/388455941/ 42 B
108 B 14ms
13ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/388455941/?random=1724051029527&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfJpnjX6zz8tsnuPwd5GhAFhNZ3RKxKw&random=3809937097&rmt_tld=1&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/388455941/ 42 B
64 B 17ms
11ms Image
image/gif 74.125.130.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/388455941/?random=1724051029529&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9kZ8lDVA7El2GXi97DY6Fqp5Ec-bFA&random=735707164&rmt_tld=0&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/388455941/ 42 B
108 B 8ms
8ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/388455941/?random=1724051029529&cv=11&fst=1724050800000&bg=ffffff&guid=ON&async=1&gtm=45be48e0v894328004za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&npa=0&pscdl=noapi&auid=1597738999.1724051030&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9kZ8lDVA7El2GXi97DY6Fqp5Ec-bFA&random=735707164&rmt_tld=1&ipr=y

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 5ms
3ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=337068237&t=pageview&_s=1&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&ul=en-sg&de=UTF-8&dt=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=483286976&gjid=1278005129&cid=58071781.1724051030&tid=UA-194121186-1&_gid=1746063105.1724051030&_r=1&_slc=1&gtm=45He48e0n81KRWXJJFv843296806za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1494418243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdsdnoibo.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 443128130127149 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 331ms
327ms Script
application/x-javascript 157.240.217.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/443128130127149?v=2.9.164&r=stable&domain=hdsdnoibo.citigym.com.vn&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.217.15 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-xsp1.fbcdn.net

Software

Resource Hash

5993bb410bdeda4d3afcc90b881d88a3a38283b31c0ac54e3a203ee92b058e3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Aug 2024 07:03:50 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4640, tp=12, tpl=0, uplat=323, ullat=0
pragma: public
x-fb-debug: h91BZ7CkBogjvYHW/TNm1wRpZGwuHzEcgaV9ApeJXHMc0dSUtbfn8fe8M54utOafka4lK7J2jcYVk7Q3HISdUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
271 B 56ms
4ms Image
text/plain 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=378748724039178&ev=PageView&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051029783&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&eid=ladi.1724051029402.17855439245&rqm=GET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1380, tbw=2852, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 07:03:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 297ms
248ms Image
image/png 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=378748724039178&ev=PageView&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051029783&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&eid=ladi.1724051029402.17855439245&rqm=FGET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 19 Aug 2024 07:03:49 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404742787044253733", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=3199, tp=-1, tpl=-1, uplat=244, ullat=0
pragma: no-cache
x-fb-debug: u2woIVXA61FiCk+FjD8ilwcvyuFqSwqX+qnCwkAprIp6zILqZDVQ7KDseklNTcgW2WijcxqZ2QudMwbyhYNRKA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404742787044253733"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 55ms
6ms Image
text/plain 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=378748724039178&ev=ViewContent&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051029785&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&eid=ladi.1724051029402.52436801242&rqm=GET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1380, tbw=2852, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 07:03:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
851 B 296ms
247ms Image
image/png 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=378748724039178&ev=ViewContent&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051029785&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&eid=ladi.1724051029402.52436801242&rqm=FGET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 19 Aug 2024 07:03:49 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404742786223284923", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=6524, tp=-1, tpl=-1, uplat=243, ullat=0
pragma: no-cache
x-fb-debug: Gp9C561BiO3e33r2rLiHFrO48fcRJ5Jgve+KjJoljL1Z5sTZCeVdDYJzxfy1OyFbxjqHDJ6DzVN9aa8e0Tn7Tw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404742786223284923"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 5ms
3ms Image
text/plain 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=443128130127149&ev=PageView&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051030124&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&rqm=GET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=7445, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Aug 2024 07:03:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
854 B 212ms
211ms Image
image/png 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=443128130127149&ev=PageView&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&rl=&if=false&ts=1724051030124&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1724051029781.224781013583792002&ler=empty&cdl=API_unavailable&it=1724051029460&coo=false&rqm=FGET

Requested by

Host: hdsdnoibo.citigym.com.vn
URL: https://hdsdnoibo.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 19 Aug 2024 07:03:50 GMT
document-policy: force-load-at-top
x-fb-server-load: 15
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404742790989985147", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1380, tbw=7613, tp=-1, tpl=-1, uplat=208, ullat=0
pragma: no-cache
x-fb-debug: NOh7gwJmmkplyG1IkcA+bPH2osOfyKh0RXe5bXlvpCbU9ZA/kHSFp9kQw6vSlehxyw9Eb6qqt+m/atRIKETjjA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404742790989985147"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php
www.facebook.com/v10.0/plugins/ Frame F343 0
0 223ms
219ms Document
text/html 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=412954116600161&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0a3a31329d0f3905%26domain%3Dhdsdnoibo.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhdsdnoibo.citigym.com.vn%252Ff551c1d7a109a7289%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitispa.nailing.hairdressing&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Aug 2024 07:03:53 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404742805314502669"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404742805314502669", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1380, tbw=2803, tp=-1, tpl=-1, uplat=216, ullat=0
x-fb-debug: QCRRF4Vm8El/pn0YfH7WVMMy+6+ZDkLPQYodeEflX4tTqeey2tr2LVjAaUXlzlicVcrm6wq/O28U2StgA/TLwQ==
x-fb-server-load: 56
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/v10.0/plugins/ Frame 726A 0
0 219ms
219ms Document
text/html 157.240.217.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=412954116600161&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1afd9dd1ab9bd0e2%26domain%3Dhdsdnoibo.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhdsdnoibo.citigym.com.vn%252Ff551c1d7a109a7289%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitispavn%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.217.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-xsp1.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Aug 2024 07:03:53 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404742803375116798"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404742803375116798", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=14, mss=1380, tbw=15195, tp=-1, tpl=-1, uplat=216, ullat=0
x-fb-debug: tcpHIzyqkg0y+LREOGVqTqxsmyKLKV0Xj5S4DE15YWQA7RLWLqLJEt3LIHJcdliLypFu9PfbmdWN5bZCY01tlw==
x-fb-server-load: 28
x-xss-protection: 0

GET
H2

200

logo-citispa-01-1080-20210510115529.png
w.ladicdn.com/5e54ce64f4a6442c5ac64044/
Redirect Chain

https://static.ladipage.net/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png
https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png

35 KB
33 KB

46ms
46ms

Other
image/png

13.33.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png
Protocol: H2
Server: 13.33.88.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-65.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 3fe9fa4481537983b832886dafc3642b1c49e744a79f167f31297defc800948d

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 07:03:53 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 1kMZ_4VuTGjekdpSmmwFbMLGBM7IrQ0WOHhwk1vbJjkFAh8mkHxp9A==
expires: Tue, 19 Aug 2025 07:03:53 GMT

Redirect headers

location: https://w.ladicdn.com:443/5e54ce64f4a6442c5ac64044/logo-citispa-01-1080-20210510115529.png
date: Mon, 19 Aug 2024 07:03:53 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 204 collect
analytics.google.com/g/ 0
0 6ms
3ms Fetch
text/plain 64.233.170.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTR3YGD4ZY&gtm=45je48e0v880687829za200zb894328004&_p=1724051029403&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=58071781.1724051030&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1724051029&sct=1&seg=1&dl=https%3A%2F%2Fhdsdnoibo.citigym.com.vn%2F&dt=HDSD%20N%E1%BB%98I%20B%E1%BB%98%20-%20GI%E1%BB%9AI%20THI%E1%BB%86U%20TH%C6%AF%C6%A0NG%20HI%E1%BB%86U%20CITIGYM%2C%20CITISPA&_s=3&tfd=5544
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTR3YGD4ZY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hdsdnoibo.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Aug 2024 07:03:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdsdnoibo.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hdsdnoibo.citigym.com.vn/	1970-01-21 08:30:11	Name: LADI_DNS_CHECK Value: "2024-08-19 07:03:49.192414524 +0000 UTC m=+1117125.145908406"
hdsdnoibo.citigym.com.vn/	1970-01-21 08:30:11	Name: LADI_CLIENT_ID Value: c9a9cce0-aa38-4c73-5989-87a536844e8a
hdsdnoibo.citigym.com.vn/	1970-01-21 08:30:11	Name: LADI_FORM_SUBMIT Value: 0
hdsdnoibo.citigym.com.vn/	1970-01-21 08:30:11	Name: LADI_PAGE_VIEW Value: 1
hdsdnoibo.citigym.com.vn/	1970-01-20 22:55:37	Name: _timenow Value: 1724051029290
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fFnbsR0ydes
.youtube.com/	1970-01-21 03:13:23	Name: VISITOR_INFO1_LIVE Value: grq7I0LMTXg
.youtube.com/	1970-01-21 03:13:23	Name: VISITOR_PRIVACY_METADATA Value: CgJTRxIEGgAgZQ%3D%3D
.citigym.com.vn/	1970-01-21 01:03:47	Name: _gcl_au Value: 1.1.1597738999.1724051030
.doubleclick.net/	1970-01-20 22:54:11	Name: test_cookie Value: CheckForPermission
.citigym.com.vn/	1970-01-21 08:30:11	Name: _ga Value: GA1.3.58071781.1724051030
.citigym.com.vn/	1970-01-20 22:55:37	Name: _gid Value: GA1.3.1746063105.1724051030
.citigym.com.vn/	1970-01-20 22:54:11	Name: _gat_UA-194121186-1 Value: 1
.citigym.com.vn/	1970-01-21 01:03:47	Name: _fbp Value: fb.2.1724051029781.224781013583792002
.citigym.com.vn/	1970-01-21 08:30:11	Name: _ga_YTR3YGD4ZY Value: GS1.1.1724051029.1.1.1724051031.58.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js(Line 203) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
analytics.google.com
connect.facebook.net
g.ladicdn.com
googleads.g.doubleclick.net
hdsdnoibo.citigym.com.vn
static.ladipage.net
stats.g.doubleclick.net
w.ladicdn.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.youtube.com
13.107.246.59
13.228.217.131
13.228.225.245
13.33.88.65
142.251.10.91
142.251.175.93
157.240.217.15
157.240.217.35
18.139.62.226
216.239.38.178
64.233.170.102
64.233.170.155
74.125.130.104
74.125.130.156
74.125.130.94
74.125.200.97
08ae3e61b125c0b0855de9e9bf547f3ada543e5ed7917c85bd590375803c4c8a
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
147f0e478e4341e1e672e5ac97f2717ff1e4663879e0aa0180d3f032a1d6de1e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e0ff05e5c612dab6e02f1b17bb83782b164743e66d596f1675c62192570cf55
24d9f7e736b0776c1a40558de4953de36413cba54bc67cfd81c4c6987a75258e
3fe9fa4481537983b832886dafc3642b1c49e744a79f167f31297defc800948d
42e24790f50e734ecb3ef84fe905345414c24a27f1a903ab77c01aceb5caa56d
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
54d86716fecee1adf2d23273fe078cab4b7b0db3da3459fa9a42f5312427adf2
55878d55335be9f879defeb6af4ed0f48e83fd62c22d16699b792193bcceccc8
570763b70a72845e928108dc5a148c22813bc58ace803e196645715305867444
5993bb410bdeda4d3afcc90b881d88a3a38283b31c0ac54e3a203ee92b058e3a
5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60
5d2c0416b230e7975bc3527a2d9e3b219f78ac09107ab0dcbc34fd3c17c9146f
5db80e2ef812b7543c6499f223d34dc2c02d30bfc8baf1b4327b967d6e4f84e2
6446985ab81be3a7718c42273e4d7d4d79a4781e607190a2cbd0a1b2f3567920
6551ff93f3301c38803eb3f360c9d9a43e534558b9609cfdc4371b70f118e4c5
6d24597c3bd260be5092a8bad3e3dd370dc361ef094e44bd2c2ae1f07890765b
7732d8ecb86efc4dd1cc25f5ec0bc4264b06f8c5eee066483fabfdb6bd8df988
88c890a4b6d3c9bf337a0cc5371ce915dd06c655c95ad1ebd4c43b85385e2eda
97e380cb065a81a193c7c0d8e091911e53adc13b5b85f66093bf11653ec8c3ab
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
b5bfb23dae0f336b077d08af99a19694667abf292319d36bddc040118e886aa2
bb3f794cfdd4c2c33d7053ef38b492967220ca1969da2f57a53c38c2dc7daf57
ccbf5ff1ad159b93bb9e6f02d7c3fc01aeec5b6040e5fd81e00af126c47075dd
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
dafa40a98ac135f950723b958323a754ec50660a15abb918f66f5a16f081fea1
dd64e72671381596989bc4765d7f347aa2b37354aba97cc4c942fd8085dcd526
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df32c6c273de2ac2f5c35c2f279e90d2c4e34a6e07d37c13c7b0886674bfb4b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff289e8fafd052329b7b780899e76f241ab263b042668d6ea3ce0d0f0ed1b849

hdsdnoibo.citigym.com.vn Open in urlscan Pro 18.139.62.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

16 IPs

2 Countries

2950 kBTransfer

5042 kBSize

15 Cookies

9 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hdsdnoibo.citigym.com.vn Open in urlscan Pro
18.139.62.226 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

2950 kB
Transfer

5042 kB
Size

15
Cookies

56 HTTP transactions
1 data transactions