carnival.toyota.com.vn Open in urlscan Pro
103.154.177.55  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response carnival.toyota.com.vn/	7 KB 4 KB	4786ms 384ms	Document text/html	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash fa9b3e274029e09fcd5ac8d148ad097ebabced82291a75454315fd7e6fcc9334 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, private Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 23 Nov 2023 16:00:19 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.55 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	628ms 0ms	Stylesheet text/css	2607:f8b0:4006:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 23 Nov 2023 16:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 Nov 2023 15:34:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Nov 2023 16:00:20 GMT
GET H2	200	boxicons.min.css unpkg.com/boxicons@2.1.2/css/	65 KB 12 KB	497ms 0ms	Stylesheet text/css	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1320225 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HEQ3G7TGBW65DH4H40FEQ5CN-mia server cloudflare etag W/"1040b-st8SVFhWC0QWHIN1iDcT6zrpEwU" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 82aa9fdd9b2867b7-MIA
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/	190 KB 30 KB	476ms 0ms	Stylesheet text/css	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff content-encoding br age 3222686 x-jsd-version 5.2.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 30275 x-served-by cache-fra-eddf8230090-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	select2.min.css cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/	16 KB 16 KB	477ms 0ms	Stylesheet text/css	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff age 3249278 x-jsd-version 4.1.0-rc.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 16264 x-served-by cache-fra-eddf8230031-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	frontend.css carnival.toyota.com.vn/css/frontend/	865 B 754 B	399ms 333ms	Stylesheet text/css	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/css/frontend/frontend.css?v=1.0.0 Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash 5bdc7c2ff222e4570e5c5f8e8258d84fb8a96fdfc59f8e196233b9eb8260c1ec Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:19 GMT Content-Encoding gzip Last-Modified Thu, 23 Nov 2023 10:13:03 GMT Server Apache/2.4.55 (Ubuntu) ETag "361-60acf14ce8a9d-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 418
GET H2	200	toastr.min.css cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/	6 KB 3 KB	468ms 0ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1067972 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2517 last-modified Mon, 04 May 2020 16:17:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ffe-1936" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrwLzMPCq1N0dI1Y1zRsxnXczmNKfiqq6CiWnOgnjrJIv3arGPxlKZNGGjFHQtaW5s36WpV5TyfiRe5piXgMYVfeqdllM%2BMM895xWKH8DY6TpzPmWUyZ%2B3PVfxQl7cRvDm6m%2B3tbneyWGnmozVMZBoKb"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82aa9fdd68e3288e-MIA expires Tue, 12 Nov 2024 16:00:20 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	641ms 0ms	Script text/javascript	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 20:18:03 GMT content-encoding gzip x-content-type-options nosniff age 70937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Nov 2024 20:18:03 GMT
GET H2	200	jquery.form.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.form/4.3.0/	17 KB 6 KB	484ms 8ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.form/4.3.0/jquery.form.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd329c644951f3c041200e8279e3c90063ac5b5c8861fe253fca48df7dd8b99c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://carnival.toyota.com.vn/ Origin https://carnival.toyota.com.vn accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1884525 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5719 last-modified Sun, 07 Jun 2020 05:05:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5edc7595-42c6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKgL2E3WhBrBEx0xYB208hTKLXzdEV3v7%2Fy59QrAJCpiEEizK1tyuk2k%2BUBEO5G23KICe0fw2Y%2BieAESWcpH%2F0xSCkqxCahB2wgL15bk%2FMMwK41L26iwSz229vdptJbAsHGEf%2FlUv8XWdMpAo30CaQ5t"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82aa9fdd89b90362-MIA expires Tue, 12 Nov 2024 16:00:20 GMT
GET H2	200	select2.min.js Show response cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/	71 KB 21 KB	504ms 30ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff content-encoding br age 2033096 x-jsd-version 4.1.0-rc.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 21153 x-served-by cache-fra-eddf8230125-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	argon.js Show response carnival.toyota.com.vn/argon/js/	21 KB 6 KB	591ms 347ms	Script application/javascript	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/argon/js/argon.js?v=1.0.0 Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash a877864007eb3c54a2e93e42e95e83d9dac97217a6e6c93a74ac01682b560c14 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:20 GMT Content-Encoding gzip Last-Modified Thu, 23 Nov 2023 10:13:03 GMT Server Apache/2.4.55 (Ubuntu) ETag "5355-60acf14c54396-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5880
GET H/1.1	200 OK	jquery.min.js Show response carnival.toyota.com.vn/argon/vendor/jquery/dist/	85 KB 30 KB	962ms 342ms	Script application/javascript	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/argon/vendor/jquery/dist/jquery.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:20 GMT Content-Encoding gzip Last-Modified Thu, 23 Nov 2023 10:13:03 GMT Server Apache/2.4.55 (Ubuntu) ETag "1538f-60acf14c756d7-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30307
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/	79 KB 24 KB	502ms 30ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.bundle.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff content-encoding br age 3158765 x-jsd-version 5.2.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 24684 x-served-by cache-fra-eddf8230122-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"13a70-XI9suYM5fetlZzuWGoZXz9YROtk" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	75 KB 21 KB	503ms 32ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e7ee140344701f1acb771ba8fbf2e2a199087ab4acf05fd50e757826cf597704 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff content-encoding br age 22631 x-jsd-version 11.10.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 21469 x-served-by cache-fra-eddf8230029-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"12b3b-RimU/Qj1uZajKjz3B6Mu8E+LzVU" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap-datepicker.min.js Show response cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/js/	33 KB 9 KB	450ms 0ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/js/bootstrap-datepicker.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 982839 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 9041 last-modified Mon, 04 May 2020 16:06:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d8e-839d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNNPzB13KwitDDhQbIGpMgTXG4chaV0NhsYjwohD6kJHknUJb3e3UT%2Bb6DE5QKYZ%2B3orz78Syj3PWC%2BoRFfuADy7VDSYkBnADuteK3bsRlFnoLH6Auk8hsCLRQ%2Bur3lL64v69D8NrwzP7dx7gpXBU1KQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82aa9fdd68ee288e-MIA expires Tue, 12 Nov 2024 16:00:20 GMT
GET H/1.1	200 OK	app.js Show response carnival.toyota.com.vn/js/	748 KB 160 KB	1173ms 344ms	Script application/javascript	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/js/app.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash 3e839aea9a3c553ef363dfccd6ba8723941e7c0c0f63489b2f5d314ee2bff710 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:20 GMT Content-Encoding gzip Last-Modified Thu, 23 Nov 2023 10:13:04 GMT Server Apache/2.4.55 (Ubuntu) ETag "bafff-60acf14d36ca0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	datatables.min.js Show response cdn.datatables.net/v/dt/dt-1.12.1/r-2.3.0/	106 KB 37 KB	577ms 0ms	Script application/javascript	2606:4700:10::6816:325d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/v/dt/dt-1.12.1/r-2.3.0/datatables.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88d1156f8ed7885fd5eaf1bdd62f408592d23fbc25d59268a58d912bf3cdb4f0 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 01 Nov 2023 11:58:50 GMT server cloudflare age 1915290 vary Accept-Encoding access-control-allow-methods OPTIONS, GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31557600 cf-ray 82aa9fde093b2589-MIA
GET H/1.1	200 OK	buttons.server-side.js Show response carnival.toyota.com.vn/vendor/datatables/	9 KB 2 KB	1251ms 327ms	Script application/javascript	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Full URL https://carnival.toyota.com.vn/vendor/datatables/buttons.server-side.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash 978c4665a31c2d5c3884cf2cf2da40879f82acc644ec96a559dbf01d6e3879c7 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:20 GMT Content-Encoding gzip Last-Modified Thu, 23 Nov 2023 10:13:04 GMT Server Apache/2.4.55 (Ubuntu) ETag "2370-60acf14d57042-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1821
GET H2	200	toastr.min.js Show response cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/	5 KB 2 KB	446ms 0ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 16:00:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 164777 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1763 last-modified Mon, 04 May 2020 16:17:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ffe-1483" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAa1JCOCBzM7dAG6Bc5uCcs3LR4Sj8xvhb7KF5OQ0rPBkR87qnqbyrWB64tlHWHxRdS1aUL2mxyHRSaqx2OT%2B4mKEj6F1eXdFl%2Flms4RdoBn2CnW5MmO2%2Fw2Q%2FaXfTaaAGqHdZ7TTEdizBTRpicaXdTy"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82aa9fdd68f1288e-MIA expires Tue, 12 Nov 2024 16:00:20 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 623 B	295ms 60ms	Stylesheet text/css	2607:f8b0:4006:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/css/frontend/frontend.css?v=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 23 Nov 2023 16:00:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 Nov 2023 14:45:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Nov 2023 16:00:20 GMT
GET H2	200	flasher.min.js Show response cdn.jsdelivr.net/npm/@flasher/flasher@1.2.4/dist/	16 KB 5 KB	317ms 0ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@flasher/flasher@1.2.4/dist/flasher.min.js Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 018dfac993a7ceff1513bf428edeb0b5b95390745634c7910bfd81cd13dbc3c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 16:00:20 GMT x-content-type-options nosniff content-encoding br age 2034928 x-jsd-version 1.2.4 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4484 x-served-by cache-fra-eddf8230133-FRA, cache-mia-kmia1760048-MIA x-jsd-version-type version etag W/"4088-wFhVKo+RVPX3Kg/+bEDTRPO+TKs" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	bg-pc.png carnival.toyota.com.vn/images/frontend/	1 MB 1 MB	380ms 318ms	Image image/png	103.154.177.55 Telecom Joint Sto...
General Check archive.org Show headers Download Go to Show image Full URL https://carnival.toyota.com.vn/images/frontend/bg-pc.png Requested by Host: carnival.toyota.com.vn URL: https://carnival.toyota.com.vn/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.154.177.55 , Viet Nam, ASN140762 (VISITEC-AS-VN Vinh Railway Signalling - Telecom Joint Stock Company, VN), Reverse DNS Software Apache/2.4.55 (Ubuntu) / Resource Hash ec38ab6ace09a609a9c93a31cb5ad056b44aca6f3782b196a87ba759861dcc3e Request headers accept-language en-US,en;q=0.9 Referer https://carnival.toyota.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Thu, 23 Nov 2023 16:00:20 GMT Last-Modified Thu, 23 Nov 2023 10:13:04 GMT Server Apache/2.4.55 (Ubuntu) ETag "15948e-60acf14d28240" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1414286

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery undefined| Datepicker undefined| CopyIcon undefined| FormControl object| $map undefined| map undefined| lat undefined| lng string| color function| initMap undefined| Navbar undefined| NavbarCollapse undefined| noUiSlider undefined| Popover undefined| ScrollTo undefined| Tooltip object| Charts undefined| OrdersChart undefined| SalesChart number| uidEvent object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| flasher object| webpackChunk object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters boolean| __VUE__ object| __VUE_DEVTOOLS_HOOK_REPLAY__ object| $jscomp function| $jscomp$lookupPolyfilledValue function| DataTable object| toastr

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			carnival.toyota.com.vn/	1970-01-20 16:27:21	Name: XSRF-TOKEN Value: eyJpdiI6IjhPWlNCVWFCVlRXWERicmQvcFlIdHc9PSIsInZhbHVlIjoiZW5rcTZxTlV1S0JrM3dSeDkzaUlqa01XL1Q3WXBmcHozVEEwZGdQOW05azI0eWFTT2ZBQjF0ejZvdGRIR0VRZ2VFZloyVVNpTFFiekhSTmkrZWJtT2JUOSs0QkZLQjdEZDJpV2g1OW9mdlFZS1BZQVZ1R0hFNllSdXZ1dnZzc2wiLCJtYWMiOiI4ZDc2NDgxZTEwMTRjMTFiMzgxZTQyOTM2YzYyZDE1NGZiNDljMWExZDYwZjYxMTQ4ZDM5YWYzZThhOTNhNjMzIiwidGFnIjoiIn0%3D
			carnival.toyota.com.vn/	1970-01-20 16:27:21	Name: ung_dung_checkin_su_kien_session Value: eyJpdiI6InA3U21OeURDd2ViTXpXN3kzZFJSeHc9PSIsInZhbHVlIjoiK1Exd1lzd1VxK2dpM2EvK1UrNi9uYU5qVm9tcUtpSnZTRndTbmVuYS9WWG8xTmhOVVplU0JMckxqbStzeXR1U1hGbnh6UWNwejV1SHFUWW9iT000TjNxM1hoZTNLRmtseWUvM25HVFB0cFlVSm5YdEtBcmw4RTdJYWQwYjVDWE8iLCJtYWMiOiJlOWE4MTU2MGQ3MjYyZTQ3NWU5MzA1NTQ2YjNkYmJiZTMwMTkwNjZhMTYzOGRlMWQ3ZDA0MDMyNTIzMDA5MTI2IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
carnival.toyota.com.vn
cdn.datatables.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
unpkg.com
103.154.177.55
2606:4700:10::6816:325d
2606:4700::6810:7eaf
2606:4700::6811:180e
2607:f8b0:4006:808::200a
2607:f8b0:4006:820::200a
2a04:4e42:600::485
018dfac993a7ceff1513bf428edeb0b5b95390745634c7910bfd81cd13dbc3c7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265
3e839aea9a3c553ef363dfccd6ba8723941e7c0c0f63489b2f5d314ee2bff710
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65
5bdc7c2ff222e4570e5c5f8e8258d84fb8a96fdfc59f8e196233b9eb8260c1ec
6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f
88d1156f8ed7885fd5eaf1bdd62f408592d23fbc25d59268a58d912bf3cdb4f0
978c4665a31c2d5c3884cf2cf2da40879f82acc644ec96a559dbf01d6e3879c7
a877864007eb3c54a2e93e42e95e83d9dac97217a6e6c93a74ac01682b560c14
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
dd329c644951f3c041200e8279e3c90063ac5b5c8861fe253fca48df7dd8b99c
e7ee140344701f1acb771ba8fbf2e2a199087ab4acf05fd50e757826cf597704
ec38ab6ace09a609a9c93a31cb5ad056b44aca6f3782b196a87ba759861dcc3e
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
fa9b3e274029e09fcd5ac8d148ad097ebabced82291a75454315fd7e6fcc9334
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e