offer.citibeauty.sg Open in urlscan Pro
119.81.38.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offer.citibeauty.sg/
Submission: On September 29 via automatic, source certstream-suspicious (September 29th 2020, 2:54:37 am UTC)

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 60 HTTP transactions. The main IP is 119.81.38.13, located in Singapore, Singapore and belongs to SOFTLAYER, US. The main domain is offer.citibeauty.sg.
TLS certificate: Issued by offer.citibeauty.sg on March 25th 2020. Valid for: a year.

This is the only time offer.citibeauty.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	119.81.38.13 119.81.38.13	36351 (SOFTLAYER) (SOFTLAYER)
4	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.95.1.167 143.95.1.167	62729 (ASMALLORA...) (ASMALLORANGE1)
5	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
60	7

44 119.81.38.13 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: d.26.5177.ip4.static.sl-reverse.com

offer.citibeauty.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.95.1.167 (Los Angeles, United States)

ASN62729 (ASMALLORANGE1, US)

icecube.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	citibeauty.sg offer.citibeauty.sg	2 MB
5	gstatic.com fonts.gstatic.com	81 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	facebook.com www.facebook.com	404 B
2	facebook.net connect.facebook.net	166 KB
2	crazyegg.com script.crazyegg.com	36 KB
1	icecube.sg icecube.sg
60	7

	Domain	Requested by
44	offer.citibeauty.sg	offer.citibeauty.sg
5	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	offer.citibeauty.sg
2	www.facebook.com	offer.citibeauty.sg
2	connect.facebook.net	offer.citibeauty.sg connect.facebook.net
2	script.crazyegg.com	offer.citibeauty.sg script.crazyegg.com
1	icecube.sg	offer.citibeauty.sg
60	7

This site contains links to these domains. Also see Links.

Domain
maps.google.com

Subject Issuer	Validity	Valid
offer.citibeauty.sg offer.citibeauty.sg	`2020-03-25` - `2021-03-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.myserverhosts.com COMODO RSA Domain Validation Secure Server CA	`2018-06-08` - `2020-06-08`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://offer.citibeauty.sg/
Frame ID: FE17F6C35C4E671DC25CA5DF4EA0A93C
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

60
Requests

25 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2655 kB
Transfer

4346 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.google.com/maps?ll=1.314,103.764518&z=16&t=m&hl=en&gl=PH&mapclient=embed&cid=13802265091279256249

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?ll=1.342374,103.776259&z=16&t=m&hl=en&gl=PH&mapclient=embed&cid=2647953798064799551

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
offer.citibeauty.sg/ 297 KB
59 KB 4255ms
1278ms Document
text/html 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: ebb1cbdbfe5c93fa2476092a2a017c594142156d30f2b142207f3831e1b6ae8b

Request headers

Host: offer.citibeauty.sg
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Tue, 29 Sep 2020 02:54:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK base.css
offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 704 B
563 B 332ms
329ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.5.5
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:57:22 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK blank_v2.css
offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 0
213 B 1189ms
1186ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.5.5
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:16 GMT
Last-Modified: Mon, 15 Jun 2020 05:57:22 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/css

GET
H/1.1 200
OK style.min.css
offer.citibeauty.sg/wp-includes/css/dist/block-library/ 52 KB
10 KB 1437ms
1105ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:41 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK theme.min.css
offer.citibeauty.sg/wp-includes/css/dist/block-library/ 2 KB
932 B 636ms
224ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:41 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK styles.css
offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/css/ 2 KB
965 B 1350ms
728ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:56:10 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK thrive_flat.css
offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/editor/css/ 591 KB
85 KB 1270ms
648ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.5.5
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: f30ca1290d519fc7430bf193241443d945d726ca6d9a1eb5a1d4214d8801bee1

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:57:23 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a6082875d315f50b0f9b60502d84af2aae1179af60ddc0ad4a6367ace6c95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 02:15:34 GMT
server: ESF
date: Tue, 29 Sep 2020 02:54:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 02:54:15 GMT

GET
H/1.1 200
OK style.css
offer.citibeauty.sg/wp-content/themes/twentyseventeen/ 86 KB
21 KB 1058ms
422ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/themes/twentyseventeen/style.css?ver=20190507
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: def1c1b43186434ddf9c00c48950e2f3564adb613771689b49d68dc0d7bb4eff

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:55:38 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK blocks.css
offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/css/ 10 KB
2 KB 1457ms
501ms Stylesheet
text/css 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:55:38 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK jquery.js Show response
offer.citibeauty.sg/wp-includes/js/jquery/ 95 KB
39 KB 1295ms
237ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:40 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK jquery-migrate.min.js Show response
offer.citibeauty.sg/wp-includes/js/jquery/ 10 KB
4 KB 1539ms
351ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 16:41:28 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 9635.js Show response
script.crazyegg.com/pages/scripts/0078/ 50 KB
4 KB 49ms
20ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0078/9635.js
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23214bf435b2e46882769b54403a565d95315e050cb8451a2742283da01f419a

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:54:17 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.118
age: 41324
cf-polished: origSize=50842
status: 200
cf-request-id: 05796151a900002014e3357200000001
last-modified: Mon, 28 Sep 2020 15:25:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5da26b2f78d52014-AMS
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 3 KB
541 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700,500&subset=latin

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73196409551f3fe8585a5ceb44ea6d56b1eeeec211357090696f7bea5b73d2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 02:54:15 GMT
server: ESF
date: Tue, 29 Sep 2020 02:54:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 02:54:15 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
offer.citibeauty.sg/wp-includes/js/ 14 KB
5 KB 1652ms
1652ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:40 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
1 KB 37ms
22ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4088dbd5ae05ef25b50ae71d76c9dd70464744529a15d087babfd1ede1ba00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 02:54:15 GMT
server: ESF
date: Tue, 29 Sep 2020 02:54:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 02:54:15 GMT

GET
H/1.1 200
OK imagesloaded.min.js Show response
offer.citibeauty.sg/wp-includes/js/ 8 KB
3 KB 1652ms
347ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:40 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK masonry.min.js Show response
offer.citibeauty.sg/wp-includes/js/ 28 KB
10 KB 1739ms
347ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:40 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.masonry.min.js Show response
offer.citibeauty.sg/wp-includes/js/jquery/ 2 KB
997 B 1906ms
494ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Aug 2016 05:25:30 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK frontend.min.js Show response
offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 154 KB
53 KB 1672ms
232ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.5
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 1b7a59b1f42be2925fcefeeb95e071fcb206011f4d233866ab51dc2caf347b5e

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:57:23 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK tab-frontend.min.js Show response
offer.citibeauty.sg/wp-content/plugins/thrive-ab-page-testing/assets/js/dist/ 545 B
576 B 1855ms
360ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-ab-page-testing/assets/js/dist/tab-frontend.min.js?ver=1
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: a40462310bccb936ad3993c0d96ca320a0573ab46b24ea8690dce271ad234871

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jul 2020 19:05:35 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK scripts.js Show response
offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 1898ms
353ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.9
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:56:10 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK wpcf7-redirect-script.js Show response
offer.citibeauty.sg/wp-content/plugins/wpcf7-redirect/js/ 2 KB
1 KB 2000ms
348ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: ecf6f42c7e04e1d7cbfc429774837faf9b8f7952b5f3022db6e2416ae56e42e6

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 06:46:45 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/ 683 B
675 B 1903ms
222ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:55:38 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK global.js Show response
offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/ 8 KB
3 KB 2088ms
350ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:55:38 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.scrollTo.js Show response
offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/ 6 KB
3 KB 2922ms
1067ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:55:38 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK frontend.min.js Show response
offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
1 KB 3050ms
1152ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.2.17
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 479a03a79e2f3d1cdf0280366441b915ea8348bf754deccfe3270b4ae5763c2c

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:57:22 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK wp-embed.min.js Show response
offer.citibeauty.sg/wp-includes/js/ 1 KB
1 KB 2126ms
223ms Script
application/javascript 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.citibeauty.sg/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 05:47:40 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: hyqgNFIFaBxSx98B2ZhXHzMf9aLR9osV7tE2/xzE7sQG/ZsRdcN1EKnFiGaANtjUaFGs6G2MYKcp+TVV1l22Vw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 29 Sep 2020 02:54:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 6 KB
740 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,500&subset=latin

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ab44b36bf27088b951d44ab00e3edc8e68e6816df4cef4e963b83c2ea13adfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 02:54:17 GMT
server: ESF
date: Tue, 29 Sep 2020 02:54:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 02:54:17 GMT

GET
H/1.1 404
Not Found DNA-video.mp4
icecube.sg/mock1/wp-content/uploads/2020/03/ 0
0 685ms
118ms Media
text/html 143.95.1.167
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL: https://icecube.sg/mock1/wp-content/uploads/2020/03/DNA-video.mp4
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 143.95.1.167 Los Angeles, United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offer.citibeauty.sg/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

GET
H/1.1 200
OK head-bg.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 206 KB
206 KB 677ms
664ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/head-bg.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: d5bb78e2080a5f79b4fafe1bedcc5e31b35bac2eba6705ac6af3cbdac201e019

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:22 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210672
Content-Type: image/jpeg

GET
H/1.1 200
OK head-bg4-1-scaled-1.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 94 KB
94 KB 995ms
982ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/head-bg4-1-scaled-1.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 7eea124d47dc629d777a245b04618294c18b286376106f1a91c51383ce173c27

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:27 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96479
Content-Type: image/jpeg

GET
H/1.1 200
OK head-bg3a.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 271 KB
271 KB 667ms
654ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/head-bg3a.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 7ceead34197197c324ce1bd5e7c75866e7ff39351abc7047bee594d36b27620d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:27 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 277054
Content-Type: image/jpeg

GET
H/1.1 200
OK video-player.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 124 KB
124 KB 983ms
970ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/video-player.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: cc6a99d34eb26d50967d019e1a1a8c19d6601b3288504c08cc3aa25a0e35ae94

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127057
Content-Type: image/jpeg

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offer.citibeauty.sg
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,500&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:20:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 549221
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:20:36 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offer.citibeauty.sg
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,500&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:22:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 549128
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:22:09 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/ 26 KB
26 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700,500&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offer.citibeauty.sg
Referer: https://fonts.googleapis.com/css?family=Quicksand:400,700,500&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 01:20:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:43:58 GMT
server: sffe
age: 5615
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26160
x-xss-protection: 0
expires: Wed, 29 Sep 2021 01:20:42 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v5/ 14 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v5/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offer.citibeauty.sg
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:37:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:32 GMT
server: sffe
age: 379015
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:37:22 GMT

GET
H2 200 jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2
fonts.gstatic.com/s/librefranklin/v5/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v5/jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://offer.citibeauty.sg
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:40:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:15 GMT
server: sffe
age: 378823
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14436
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:40:34 GMT

GET
H/1.1 200
OK citibeauty-logo-Green.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 32 KB
33 KB 1004ms
989ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/citibeauty-logo-Green.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 7e3a88798893530e47fee7a7b6027d830000f06b1764475492523fd46b76cf67

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:18 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:12 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33190
Content-Type: image/jpeg

GET
H/1.1 200
OK header-img.png
offer.citibeauty.sg/wp-content/uploads/2020/09/ 434 KB
434 KB 433ms
419ms Image
image/png 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/header-img.png
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: cf438361ff9ced5ced4805bbfa21a5392bd2e307a944fccdc415e490d7dfd340

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:17 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:12 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 444045
Content-Type: image/png

GET
H/1.1 200
OK before-after1a.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 112 KB
112 KB 1432ms
245ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/before-after1a.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 1967d54a43722f4e9d1905a40cbb7032a1d7de9d8febb62efce5fadf910f8a34

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114226
Content-Type: image/jpeg

GET
H/1.1 200
OK spa.png
offer.citibeauty.sg/wp-content/uploads/2020/09/ 23 KB
24 KB 220ms
220ms Image
image/png 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/spa.png
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 6d2b50951f78056b11f34afea850f130b43b0e93ae9c0eac7aa7f75ee09d90d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24003
Content-Type: image/png

GET
H/1.1 200
OK before-after2a.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 107 KB
107 KB 507ms
507ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/before-after2a.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: ae067060c2dde653062ee413755285583ce22fc53ca34d309c847bc351f4c116

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109467
Content-Type: image/jpeg

GET
H/1.1 200
OK Sharon-Peh.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 92 KB
93 KB 356ms
356ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/Sharon-Peh.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: facc81b987ff10e320b04f5be30f7a5823727e837bb60589d6088e05dd562775

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94671
Content-Type: image/jpeg

GET
H/1.1 200
OK Si-Huey-Sia.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 204 KB
204 KB 216ms
216ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/Si-Huey-Sia.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 59d428edc00659b0050622c536dbbe2548878cee75a56a1c4c9a6126740b9d88

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 209065
Content-Type: image/jpeg

GET
H/1.1 200
OK unnamed-file.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 271 KB
271 KB 2056ms
2056ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/unnamed-file.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 45f1a13e04102c7e7c2f4092540612140da6a105e39bd4707be2834f88c934cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:21 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:13 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 277044
Content-Type: image/jpeg

GET
H/1.1 200
OK icon1.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 16 KB
16 KB 214ms
213ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/icon1.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: f2a6d4a1c2069479513ab9c765b417734f7ede19ba7d7b58b7fa0df9817aeaac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16239
Content-Type: image/jpeg

GET
H/1.1 200
OK step2.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 11 KB
11 KB 339ms
338ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/step2.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: e567dabb881228e925ffbf5237006233637ed235334305b15ecfd3bb0e4ba34a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:20 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11515
Content-Type: image/jpeg

GET
H/1.1 200
OK step3.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 11 KB
11 KB 224ms
223ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/step3.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 1a3eaba39d5381ae4cb5083010536a560cd9d2e152945abc365d6bba22c7a810

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11416
Content-Type: image/jpeg

GET
H/1.1 200
OK step4.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 12 KB
12 KB 1703ms
1702ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/step4.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: e6d854aaa63357a579387dbf4944bd401aa191cafa12c778240079303234d6d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:21 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12246
Content-Type: image/jpeg

GET
H/1.1 200
OK step5.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 20 KB
20 KB 506ms
505ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/step5.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 74b86a170ef960ddcc88bd0b019c1cfeb195fa3dff185db565d81ab152b77f54

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:20 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20280
Content-Type: image/jpeg

GET
H/1.1 200
OK step6.jpg
offer.citibeauty.sg/wp-content/uploads/2020/09/ 13 KB
13 KB 225ms
224ms Image
image/jpeg 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://offer.citibeauty.sg/wp-content/uploads/2020/09/step6.jpg
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/
Protocol: HTTP/1.1
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 5f69d40b64ec4ace81226b2e631edb33e6c6b7953355f2ad09c250235412ee1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:20 GMT
Last-Modified: Wed, 02 Sep 2020 02:47:14 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12915
Content-Type: image/jpeg

GET
H2 200 527577378150314 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/527577378150314?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39507e507febe1316487eba849dd256565b32363f500d0f23a461600efd9b264

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /Qq12LPeLgsxfSpWbXsdWyDQSh3HHBPFs+lcbj6pINzDewJiwfp8iHlg33rjrzg+f0Rdzf1avBR88UCOCpQxXA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 29 Sep 2020 02:54:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 11.1.118.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 99 KB
32 KB 20ms
20ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.118.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/9635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:54:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 464380
cf-polished: origSize=105320
status: 200
cf-request-id: 057961524c00002014e3359200000001
last-modified: Mon, 14 Sep 2020 15:45:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 5da26b307a352014-AMS
cf-bgj: minify

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527577378150314&ev=PageView&dl=https%3A%2F%2Foffer.citibeauty.sg%2F&rl=&if=false&ts=1601348057763&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1601348057762.2076841539&it=1601348057645&coo=false&rqm=GET

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:54:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Sep 2020 02:54:17 GMT

GET
H/1.1 200
OK ajax-loader.gif
offer.citibeauty.sg/wp-content/plugins/contact-form-7/images/ 847 B
1 KB 353ms
353ms Image
image/gif 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.citibeauty.sg/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by: Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: d.26.5177.ip4.static.sl-reverse.com
Software: nginx/1.18.0 /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer: https://offer.citibeauty.sg/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:54:19 GMT
Last-Modified: Mon, 15 Jun 2020 05:56:10 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 847
Content-Type: image/gif

POST
H/1.1 200
OK admin-ajax.php Show response
offer.citibeauty.sg/wp-admin/ 20 B
728 B 1124ms
1124ms XHR
application/json 119.81.38.13
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.citibeauty.sg/wp-admin/admin-ajax.php

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

119.81.38.13 Singapore, Singapore, ASN36351 (SOFTLAYER, US),

Reverse DNS

d.26.5177.ip4.static.sl-reverse.com

Software

nginx/1.18.0 /

Resource Hash

9907fda4aaee06d71e304367824685e97870fa36a20519be38093cde16e2b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offer.citibeauty.sg/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 29 Sep 2020 02:54:20 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://offer.citibeauty.sg
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527577378150314&ev=Microdata&dl=https%3A%2F%2Foffer.citibeauty.sg%2F&rl=&if=false&ts=1601348059271&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Citibeauty%20%E2%80%93%20Citibeauty%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1601348057762.2076841539&it=1601348057645&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: offer.citibeauty.sg
URL: https://offer.citibeauty.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offer.citibeauty.sg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:54:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Sep 2020 02:54:19 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citibeauty.sg/	1970-01-19 14:58:44	Name: _fbp Value: fb.1.1601348057762.2076841539

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://offer.citibeauty.sg/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
icecube.sg
offer.citibeauty.sg
script.crazyegg.com
www.facebook.com
119.81.38.13
143.95.1.167
2606:4700::6813:9408
2a00:1450:4001:818::200a
2a00:1450:4001:81b::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1967d54a43722f4e9d1905a40cbb7032a1d7de9d8febb62efce5fadf910f8a34
1a3eaba39d5381ae4cb5083010536a560cd9d2e152945abc365d6bba22c7a810
1ab44b36bf27088b951d44ab00e3edc8e68e6816df4cef4e963b83c2ea13adfd
1b7a59b1f42be2925fcefeeb95e071fcb206011f4d233866ab51dc2caf347b5e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
23214bf435b2e46882769b54403a565d95315e050cb8451a2742283da01f419a
39507e507febe1316487eba849dd256565b32363f500d0f23a461600efd9b264
45f1a13e04102c7e7c2f4092540612140da6a105e39bd4707be2834f88c934cf
479a03a79e2f3d1cdf0280366441b915ea8348bf754deccfe3270b4ae5763c2c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
59d428edc00659b0050622c536dbbe2548878cee75a56a1c4c9a6126740b9d88
5f69d40b64ec4ace81226b2e631edb33e6c6b7953355f2ad09c250235412ee1a
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6d2b50951f78056b11f34afea850f130b43b0e93ae9c0eac7aa7f75ee09d90d4
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046
73196409551f3fe8585a5ceb44ea6d56b1eeeec211357090696f7bea5b73d2d7
74b86a170ef960ddcc88bd0b019c1cfeb195fa3dff185db565d81ab152b77f54
75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6
7ceead34197197c324ce1bd5e7c75866e7ff39351abc7047bee594d36b27620d
7e3a88798893530e47fee7a7b6027d830000f06b1764475492523fd46b76cf67
7eea124d47dc629d777a245b04618294c18b286376106f1a91c51383ce173c27
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9907fda4aaee06d71e304367824685e97870fa36a20519be38093cde16e2b5e3
a40462310bccb936ad3993c0d96ca320a0573ab46b24ea8690dce271ad234871
a4088dbd5ae05ef25b50ae71d76c9dd70464744529a15d087babfd1ede1ba00f
ae067060c2dde653062ee413755285583ce22fc53ca34d309c847bc351f4c116
afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
b8a6082875d315f50b0f9b60502d84af2aae1179af60ddc0ad4a6367ace6c95f
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cc6a99d34eb26d50967d019e1a1a8c19d6601b3288504c08cc3aa25a0e35ae94
cf438361ff9ced5ced4805bbfa21a5392bd2e307a944fccdc415e490d7dfd340
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33
d5bb78e2080a5f79b4fafe1bedcc5e31b35bac2eba6705ac6af3cbdac201e019
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa
ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562
def1c1b43186434ddf9c00c48950e2f3564adb613771689b49d68dc0d7bb4eff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567dabb881228e925ffbf5237006233637ed235334305b15ecfd3bb0e4ba34a
e6d854aaa63357a579387dbf4944bd401aa191cafa12c778240079303234d6d9
ebb1cbdbfe5c93fa2476092a2a017c594142156d30f2b142207f3831e1b6ae8b
ecf6f42c7e04e1d7cbfc429774837faf9b8f7952b5f3022db6e2416ae56e42e6
f2a6d4a1c2069479513ab9c765b417734f7ede19ba7d7b58b7fa0df9817aeaac
f30ca1290d519fc7430bf193241443d945d726ca6d9a1eb5a1d4214d8801bee1
f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856
facc81b987ff10e320b04f5be30f7a5823727e837bb60589d6088e05dd562775

offer.citibeauty.sg Open in urlscan Pro 119.81.38.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

60 Requests

25 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

7 IPs

4 Countries

2655 kBTransfer

4346 kBSize

1 Cookies

2 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offer.citibeauty.sg Open in urlscan Pro
119.81.38.13 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

25 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2655 kB
Transfer

4346 kB
Size

1
Cookies

60 HTTP transactions
0 data transactions