booking.citigym.com.vn Open in urlscan Pro
54.179.173.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.citigym.com.vn/
Submission: On July 09 via automatic, source certstream-suspicious (July 9th 2024, 3:43:36 am UTC) — Scanned from SG

Summary HTTP 49 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 49 HTTP transactions. The main IP is 54.179.173.60, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is booking.citigym.com.vn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 9th 2024. Valid for: 3 months.

This is the only time booking.citigym.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.179.173.60 54.179.173.60	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:223... 2600:9000:223b:6400:11:52e1:b680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c04::64	15169 (GOOGLE) (GOOGLE)
3	13.214.101.97 13.214.101.97	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4003:c00::5d	15169 (GOOGLE) (GOOGLE)
1	13.228.81.39 13.228.81.39	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2404:6800:400... 2404:6800:4003:c00::61	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c02::8a	15169 (GOOGLE) (GOOGLE)
2	74.125.130.155 74.125.130.155	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::8b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c02::9c	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
3	142.251.12.147 142.251.12.147	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f10... 2a03:2880:f10c:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	74.125.68.102 74.125.68.102	15169 (GOOGLE) (GOOGLE)
1	142.251.175.100 142.251.175.100	15169 (GOOGLE) (GOOGLE)
1	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
1 1	52.76.157.212 52.76.157.212	16509 (AMAZON-02) (AMAZON-02)
49	19

1 54.179.173.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com

booking.citigym.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223b:6400:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.214.101.97 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-101-97.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::5d (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.81.39 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com

g.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f102.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.100 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.157.212 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-157-212.ap-southeast-1.compute.amazonaws.com

static.ladipage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 41013 g.ladicdn.com — Cisco Umbrella Rank: 178499	1 MB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	6 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 239 www.google.com — Cisco Umbrella Rank: 10 google.com — Cisco Umbrella Rank: 1	208 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	473 KB
4	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11056	733 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 208	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	163 KB
4	youtube.com img.youtube.com — Cisco Umbrella Rank: 2276 www.youtube.com — Cisco Umbrella Rank: 82	42 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
3	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 45229	1 KB
1	ladipage.net 1 redirects static.ladipage.net — Cisco Umbrella Rank: 98116	260 B
1	citigym.com.vn booking.citigym.com.vn	17 KB
49	12

	Domain	Requested by
8	w.ladicdn.com	booking.citigym.com.vn
6	www.facebook.com	booking.citigym.com.vn connect.facebook.net
5	www.googletagmanager.com	g.ladicdn.com www.googletagmanager.com
4	www.google.com.sg	booking.citigym.com.vn
4	connect.facebook.net	booking.citigym.com.vn g.ladicdn.com connect.facebook.net
3	www.google.com	booking.citigym.com.vn
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.youtube.com	w.ladicdn.com www.youtube.com
3	a.ladipage.com	w.ladicdn.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.ladipage.net	1 redirects
1	google.com	www.googletagmanager.com
1	g.ladicdn.com	w.ladicdn.com
1	img.youtube.com	booking.citigym.com.vn
1	booking.citigym.com.vn
49	17

This site contains links to these domains. Also see Links.

Domain
onelink.to
www.youtube.com
citigym.com.vn
m.me

Subject Issuer	Validity	Valid
booking.citigym.com.vn ZeroSSL RSA Domain Secure Site CA	`2024-07-09` - `2024-10-07`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M03	`2024-04-17` - `2025-05-16`	a year	crt.sh
g.ladicdn.com ZeroSSL RSA Domain Secure Site CA	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com.sg WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://booking.citigym.com.vn/
Frame ID: 9B86F1E6F6E19CFCBC3E630CACA658FB
Requests: 47 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zYwgIpEfle0?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fbooking.citigym.com.vn&widgetid=1
Frame ID: A59AE31EA44C56DC388C722D5C84F33C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=205063827585671&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7cf10372253d2da1%26domain%3Dbooking.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbooking.citigym.com.vn%252Ffbd9f862ff3c4c102%26relation%3Dparent.parent&container_width=405&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitigymvn%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=messenger&width=
Frame ID: EFDB38DA91B0F00CAD3B452C6044F6CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CITIGYM - Đặt lịch tập luyện Gym, Yoga, Zumba, Dance ...

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

17
Subdomains

19
IPs

2
Countries

1779 kB
Transfer

3601 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://onelink.to/citigym

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zYwgIpEfle0
Title: XEM THÊM TRÊN YOUTUBE TẠI ĐÂY

Search URL Search Domain Scan URL

URL: https://citigym.com.vn/
Title: Website: http://citigym.com.vn

Search URL Search Domain Scan URL

URL: https://citigym.com.vn/chinh-sach-gia
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://citigym.com.vn/chinh-sach-bao-mat
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://m.me/citigymvn?ref=landingpage
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://static.ladipage.net/5e54ce64f4a6442c5ac64044/logo-20200303070753.png HTTP 301
https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-20200303070753.png

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.citigym.com.vn/ 86 KB
17 KB 117ms
7ms Document
text/html 54.179.173.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.citigym.com.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.179.173.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

ecbb21d50350969468cfa2b866f559190324d91582f01866da0a6e7ecda028d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 03:43:30 GMT
server: openresty
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 377 KB
87 KB 35ms
6ms Script
text/javascript 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 7324166
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: n09PzZ0fb7KvTZQJdmlegTnIVKYHy3UTmoO0rWs0kMN2QimhHiZN1Q==
expires: Tue, 15 Apr 2025 09:14:04 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
6 KB 33ms
4ms Stylesheet
text/css 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1653875791278
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 7324166
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: FkuovoONcImmms8kll8Ioa1e3kwef9TK1_tv1R4u3o9B0YuXgCDz4w==
expires: Tue, 15 Apr 2025 09:14:04 GMT

GET
H2 200 montserrat-black-20210312020608.ttf
w.ladicdn.com/5e54ce64f4a6442c5ac64044/ 252 KB
252 KB 210ms
107ms Font
font/ttf 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/montserrat-black-20210312020608.ttf
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79468c1163c13d089fa7649c9035be262dce2572625b20b77bd6c6e20dc914b6

Request headers

Referer: https://booking.citigym.com.vn/
Origin: https://booking.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 01:58:22 GMT
via: 1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P2
age: 23075108
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: kwpR3xnBlSdWR5UpGJR0OcEmt30bALDg7aHKF1VFednjfp0cYL9E2w==
expires: Tue, 15 Oct 2024 01:58:22 GMT

GET
H2 200 montserrat-regular-20210312020621.ttf
w.ladicdn.com/5e54ce64f4a6442c5ac64044/ 240 KB
241 KB 155ms
52ms Font
font/ttf 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/montserrat-regular-20210312020621.ttf
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer: https://booking.citigym.com.vn/
Origin: https://booking.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Apr 2024 13:49:33 GMT
via: 1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P2
age: 7480437
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: LPIV-1ApLjtqbX-0rMmjy9HhwOvzxObhfLk9AJmJIZc0BZ5uTA8-7Q==
expires: Sun, 13 Apr 2025 13:49:33 GMT

GET
H2 200 qr-code-20211110114622.png
w.ladicdn.com/s450x450/5e54ce64f4a6442c5ac64044/ 5 KB
5 KB 11ms
9ms Image
image/png 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x450/5e54ce64f4a6442c5ac64044/qr-code-20211110114622.png
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f8040103a135557b9f98189af5ba1715d8bf2a7b3843cec51d4a071a52a47f30

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:59:40 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 10413830
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: lncFRnRqo84DSArNrTqmHF8ldF5gIKcLkWMABS2JSGWXatYcyQ5a7Q==
expires: Mon, 10 Mar 2025 14:59:40 GMT

GET
H2 200 mobile1-20220526072002.png
w.ladicdn.com/s800x950/5e54ce64f4a6442c5ac64044/ 435 KB
433 KB 10ms
8ms Image
image/png 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s800x950/5e54ce64f4a6442c5ac64044/mobile1-20220526072002.png
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5145fc03837baf51805c149a9bcabb4081ca7c82149fa1de46d8e3ddc488101

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 15:14:00 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 11363370
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: QCrnevWukZOhUx-uoKupgpzTfG2nIAShJ2y9I-d0HHSTyna0Wbx2lg==
expires: Thu, 27 Feb 2025 15:14:00 GMT

GET
H2 200 logocitigym-2-20201210070918.png
w.ladicdn.com/s450x400/5e54ce64f4a6442c5ac64044/ 24 KB
22 KB 50ms
48ms Image
image/png 2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x400/5e54ce64f4a6442c5ac64044/logocitigym-2-20201210070918.png
Requested by: Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 388130c53fa2fcc0362965813254f8ebe86c83c604754a69270cd228654902a5

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:03:32 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 12879598
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 9igRJjaPAj0-lXa59-xQHK1_n_UK1Q-pkTPfAKa5mxgMLZor924I7A==
expires: Mon, 10 Feb 2025 02:03:32 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/zYwgIpEfle0/ 29 KB
29 KB 82ms
26ms Image
image/jpeg 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/zYwgIpEfle0/hqdefault.jpg

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5fc814bb55660ca4732b227bcea35968d3cce86a206b4d0a09896cca615726e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29759
x-xss-protection: 0
server: sffe
etag: "1653550778"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jul 2024 05:43:30 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 25ms
4ms Preflight
application/json 13.214.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.101.97 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-101-97.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://booking.citigym.com.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 Jul 2024 03:43:30 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e05f5b393f62f03029cfbc5b025ebcfdd0fcc70dbdafd5f52d1f82e30d12de7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 125 B
651 B 16ms
14ms XHR
text/plain 13.214.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.101.97 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-101-97.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 5ae6bb4f-a172-4521-68cb-0190d971b087
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://booking.citigym.com.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 38ms
20ms Script
text/javascript 2404:6800:4003:c00::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js Show response
g.ladicdn.com/tracking/ 4 KB
2 KB 21ms
4ms Script
application/javascript 13.228.81.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js?v=1720496610805
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.228.81.39 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 3c3c611b447598b7e92816ac0dd8276141fe71610ff43c2b473a2a527b7bec2e

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 17:15:48 GMT
server: openresty
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
statuscode: 200

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/ 31 KB
10 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c00::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 01:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10362
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 04:25:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 09 Jul 2025 01:27:54 GMT

GET
H2 200 zYwgIpEfle0
www.youtube.com/embed/ Frame A59A 0
0 70ms
62ms Document
text/html 2404:6800:4003:c00::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zYwgIpEfle0?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fbooking.citigym.com.vn&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 03:43:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 03:43:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Cb1b8wJjea6dCnKRiFZETiKeTUHPYAFeGrhEB7AeEC7DXXMYyETn23+QHFCEUkxICn/oV+6ndVMeDnxMvIPZ8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 event Show response
a.ladipage.com/ 35 B
561 B 45ms
42ms XHR
text/plain 13.214.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.101.97 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-101-97.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

54d86716fecee1adf2d23273fe078cab4b7b0db3da3459fa9a42f5312427adf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 5ae6bb4f-a172-4521-68cb-0190d971b087
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://booking.citigym.com.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
107 KB 109ms
90ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0V26T67EHN

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js?v=1720496610805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a09006f1d681981dfe2718797756be7cd13b168585683e89d92c609d061865e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
72 KB 34ms
16ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132995851-1

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js?v=1720496610805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1c365f45fa60b8701d32f7c325957d650d63cc9563ba8a5b4bce1527255b853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 75ms
57ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016452960

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js?v=1720496610805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfafed18fbc1e0b01fc2ebd16437b4e47c3c3fe1107fdf3c935a181f2d5b90bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95310
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
4 KB 24ms
4ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: g.ladicdn.com
URL: https://g.ladicdn.com/tracking/5e54ce64f4a6442c5ac64044-628f28f1a403820020807086.js?v=1720496610805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b27b7231a372758fa1a632e0bbe9a638de6956c6ec74dc21e1d9ee81cf7a77c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://booking.citigym.com.vn/
Origin: https://booking.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 03:43:30 GMT
content-md5: VlTXlkSkqeibZd8cva/Tzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: okKLgYq46kmOynOZA7kIYWnV4jQ+K+TPeklGbP94J2ZBDwlIfIveEQYkSyrJMVeBaCwlFgUwI7ATusHRHODcIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ca5436505086733b71efd9bce0e2f0c7
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0e02f375cb97d4af463806bd5af12b86"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 09 Jul 2024 03:56:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 305 KB
87 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=1f47a57312c30baa2f3d4f089c416341

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

700faffbcdc9690a2afb810f5b736ca35912427a5b2cccc7dc0c5141afba9209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://booking.citigym.com.vn/
Origin: https://booking.citigym.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 03:43:30 GMT
content-md5: vTx/85Kixb7ZVSlfhEdWQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89188
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=20, mss=1297, tbw=6611, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: MmuZMRF3Bmt9xNB1IiMUoSDQQsIMKPodkT3jP7xvVczintsGYJmcLi4iq17Q9TeYJaGF7SKMgnI4bDJ7Yrp5lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 30b79c2a714116c7990e0b386547d0bb
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "adcbe6a7ca5be1dbe2d1ff3bd62dbe77"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 08 Jul 2025 21:44:16 GMT

GET
H2 200 305698316755361 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 205ms
202ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/305698316755361?v=2.9.160&r=stable&domain=booking.citigym.com.vn&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56d25827f5cc7e68396d9752d3a3e937191fe773b49cbd1049401569315c615c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 03:43:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=42, mss=1297, tbw=63801, tp=-1, tpl=-1, uplat=179, ullat=0
pragma: public
x-fb-debug: N/8+Wk1hwOaqpxUZk8HTFiI1q8rlTi6X0VufQrvDaYcTaV49HIdEyAbIIM0QGT0OpVDHHaifkEAvG+ub3sHKiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
107 KB 62ms
60ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0V26T67EHN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132995851-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b81e21fec073afbcbc2f4743fb79126ec31d3c3159c8dd102db3b64dfcb2fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109400
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 43ms
42ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016452960&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132995851-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3b03ce5551b370cebe97a23cb4b66d3034f2a4351536c3180f79446ee4fc142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:43:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95337
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 03:43:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
18ms Script
text/javascript 2404:6800:4003:c02::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132995851-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 03:11:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1894
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 05:11:57 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11016452960/ 3 KB
1 KB 46ms
20ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11016452960/?random=1720496611006&cv=11&fst=1720496611006&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11016452960

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

8c95e8a2ee6a4ac7118760b27297d7f46c59b14f5363e3abfc1093230e000270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 9ms
6ms XHR
text/plain 2404:6800:4003:c02::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1445132350&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&ul=en-sg&de=UTF-8&dt=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1342030510&gjid=1950724314&cid=1172255601.1720496611&tid=UA-132995851-1&_gid=1316716688.1720496611&_r=1&gtm=457e4730za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=746513531

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 25ms
5ms Fetch
text/plain 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0V26T67EHN&gtm=45je4730v881218708za200&_p=1720496610841&em=tv.1~em.x8QrHdyAuadC0yUkrqQTEWKFJXFIOKecgx0bIu2QbF8&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1172255601.1720496611&ecid=133197756&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAI&_s=1&sid=1720496611&sct=1&seg=0&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&dt=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=601&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0V26T67EHN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 25ms
6ms Ping
text/plain 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0V26T67EHN&cid=1172255601.1720496611&gtm=45je4730v881218708za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0V26T67EHN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 28ms
9ms Image
image/gif 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0V26T67EHN&cid=1172255601.1720496611&gtm=45je4730v881218708za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=914748430

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
358 B 15ms
7ms XHR
text/plain 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-132995851-1&cid=1172255601.1720496611&jid=1342030510&gjid=1950724314&_gid=1316716688.1720496611&_u=YADAAUAAAAAAACAAI~&z=1150916094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 03:43:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11016452960/ 42 B
64 B 26ms
11ms Image
image/gif 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11016452960/?random=1720496611006&cv=11&fst=1720494000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLx8rczk09qK3E0EM2n_mRXXcTuvpeEg&random=3271214622&rmt_tld=0&ipr=y

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/11016452960/ 42 B
455 B 15ms
10ms Image
image/gif 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11016452960/?random=1720496611006&cv=11&fst=1720494000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLx8rczk09qK3E0EM2n_mRXXcTuvpeEg&random=3271214622&rmt_tld=1&ipr=y

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
19ms Image
image/gif 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-132995851-1&cid=1172255601.1720496611&jid=1342030510&_u=YADAAUAAAAAAACAAI~&z=1971111306

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-132995851-1&cid=1172255601.1720496611&jid=1342030510&_u=YADAAUAAAAAAACAAI~&z=1971111306

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 20ms
6ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D305698316755361%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fbooking.citigym.com.vn%252F%26rl%3D%26if%3Dfalse%26ts%3D1720496611230%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.2.1720496611228.241609638586052473%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720496610913%26coo%3Dfalse%26eid%3Dladi.1720496610840.44416794759%26exp%3Df1&events[1]=id%3D305698316755361%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Fbooking.citigym.com.vn%252F%26rl%3D%26if%3Dfalse%26ts%3D1720496611232%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D1%26o%3D4126%26fbp%3Dfb.2.1720496611228.241609638586052473%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720496610913%26coo%3Dfalse%26eid%3Dladi.1720496610840.76206194712%26exp%3Df3&rqm=GET

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jul 2024 03:43:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 256ms
243ms Image
image/png 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=305698316755361&ev=PageView&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&rl=&if=false&ts=1720496611230&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720496611228.241609638586052473&ler=empty&cdl=API_unavailable&it=1720496610913&coo=false&eid=ladi.1720496610840.44416794759&exp=f1&rqm=FGET

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2a6b153be26cb191","source_keys":["1","2"]},{"key_piece":"0x342c5cbe885ec5be","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 09 Jul 2024 03:43:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389476677903829620", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=3156, tp=-1, tpl=-1, uplat=237, ullat=0
pragma: no-cache
x-fb-debug: Ig3mjmkB4eYxDDuBPUZXBrayXgmQJ2j4IB2NSQO1ccngcJFJ/pvAJZOAlZQC8mbXWuKne3T2ZNTht7ZawmliNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389476677903829620"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 313ms
300ms Image
image/png 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=305698316755361&ev=ViewContent&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&rl=&if=false&ts=1720496611232&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.2.1720496611228.241609638586052473&ler=empty&cdl=API_unavailable&it=1720496610913&coo=false&eid=ladi.1720496610840.76206194712&exp=f3&rqm=FGET

Requested by

Host: booking.citigym.com.vn
URL: https://booking.citigym.com.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa363607906812368","source_keys":["1","2"]},{"key_piece":"0xfedf271286c05bdc","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 09 Jul 2024 03:43:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389476678976714775", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=6866, tp=-1, tpl=-1, uplat=294, ullat=0
pragma: no-cache
x-fb-debug: VSWtNJMi6p32dY34gw1e8sD0xFDkAr+eBmvF6TsFVoe5ep+G3lwSUrg1rd8vDQVAZY6mHDpRKLryWSPsIkjxyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389476678976714775"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php
www.facebook.com/v9.0/plugins/ Frame EFDB 0
0 229ms
217ms Document
text/html 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=205063827585671&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7cf10372253d2da1%26domain%3Dbooking.citigym.com.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbooking.citigym.com.vn%252Ffbd9f862ff3c4c102%26relation%3Dparent.parent&container_width=405&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitigymvn%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=messenger&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=1f47a57312c30baa2f3d4f089c416341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 03:43:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389476677848385409"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389476677848385409", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2767, tp=-1, tpl=-1, uplat=213, ullat=0
x-fb-debug: r+aEdhIRNLN2qnGgKee+IT38RWvchhBZcTKiJRanrzfFcaeJFN9b0YTX2Gpm/71D1ussS3ajklf3sBe9q20f2g==
x-xss-protection: 0

POST
H3 204 11016452960
google.com/ccm/form-data/ 0
17 B 40ms
17ms Ping
text/plain 74.125.68.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/11016452960?gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&npa=0&frm=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11016452960
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11016452960/ 4 KB
1 KB 16ms
12ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11016452960/?random=1720496611758&cv=11&fst=1720496611758&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbooking.citigym.com.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11016452960

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

e9dd1ba707058a3fd9175966fbbcb5fd8d2e1f51b7aa6775be2d5b4f5c3906ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1502
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 12ms
11ms Fetch
text/plain 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0V26T67EHN&gtm=45je4730v881218708za200&_p=1720496610841&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1172255601.1720496611&ecid=133197756&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1720496611&sct=1&seg=0&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&dt=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&en=video_start&epn.video_current_time=0&epn.video_duration=196&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=H%C6%B0%E1%BB%9Bng%20d%E1%BA%ABn%20c%C3%A0i%20%C4%91%E1%BA%B7t%20v%C3%A0%20s%E1%BB%AD%20d%E1%BB%A5ng%20%E1%BB%A9ng%20d%E1%BB%A5ng%20t%E1%BA%ADp%20luy%E1%BB%87n%20CITIGYM&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DzYwgIpEfle0&ep.visible=true&_et=625&tfd=1256&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0V26T67EHN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.citigym.com.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 142.251.175.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1445132350&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&ul=en-sg&de=UTF-8&dt=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageScrollDepth&ea=ScrollDepth_75_percent&el=booking.citigym.com.vn%2F&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1172255601.1720496611&tid=UA-132995851-1&_gid=1316716688.1720496611&gtm=457e4730za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=672891737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.100 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:13:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62973
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 10ms
9ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D305698316755361%26ev%3DScrollDepth_75_percent%26dl%3Dhttps%253A%252F%252Fbooking.citigym.com.vn%252F%26rl%3D%26if%3Dfalse%26ts%3D1720496611755%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D2%26o%3D4126%26fbp%3Dfb.2.1720496611228.241609638586052473%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720496610913%26coo%3Dfalse%26exp%3Df3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=8177, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jul 2024 03:43:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 173ms
173ms Image
image/png 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=305698316755361&ev=ScrollDepth_75_percent&dl=https%3A%2F%2Fbooking.citigym.com.vn%2F&rl=&if=false&ts=1720496611755&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.2.1720496611228.241609638586052473&ler=empty&cdl=API_unavailable&it=1720496610913&coo=false&exp=f3&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1a04b45027c9f0a8","source_keys":["1","2"]},{"key_piece":"0x85f1a6592ab4a02d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 09 Jul 2024 03:43:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389476678353658242", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=8322, tp=-1, tpl=-1, uplat=166, ullat=0
pragma: no-cache
x-fb-debug: 0i2dbwUL1MJoiY7wq27M1QDkl9MRW4mYTO7TlIV49PqeeyXgu8CtFIOb5B2OGEkgnPv6criVFM8k4sQzf/ToPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389476678353658242"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11016452960/ 42 B
64 B 24ms
23ms Image
image/gif 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11016452960/?random=1720496611758&cv=11&fst=1720494000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbooking.citigym.com.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLsLw68D14ymh4gL21raYcN3eOtovgh4Ch6yUljI8O5XxCD-jN&random=1061997221&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/11016452960/ 42 B
64 B 27ms
26ms Image
image/gif 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11016452960/?random=1720496611758&cv=11&fst=1720494000000&bg=ffffff&guid=ON&async=1&gtm=45be4730v896160995za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.citigym.com.vn%2F&hn=www.googleadservices.com&frm=0&tiba=CITIGYM%20-%20%C4%90%E1%BA%B7t%20l%E1%BB%8Bch%20t%E1%BA%ADp%20luy%E1%BB%87n%20Gym%2C%20Yoga%2C%20Zumba%2C%20Dance%20...&npa=0&pscdl=noapi&auid=904576390.1720496611&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbooking.citigym.com.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLsLw68D14ymh4gL21raYcN3eOtovgh4Ch6yUljI8O5XxCD-jN&random=1061997221&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 03:43:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

logo-20200303070753.png
w.ladicdn.com/5e54ce64f4a6442c5ac64044/
Redirect Chain

https://static.ladipage.net/5e54ce64f4a6442c5ac64044/logo-20200303070753.png
https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-20200303070753.png

3 KB
3 KB

10ms
10ms

Other
image/png

2600:9000:223b:6400:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/5e54ce64f4a6442c5ac64044/logo-20200303070753.png
Protocol: H2
Server: 2600:9000:223b:6400:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7400efc5c3c672ce626ae9d0e64d1ff8ad49e667e085cc22514cb9d7089eea1f

Request headers

Referer: https://booking.citigym.com.vn/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 01:48:03 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 23075729
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: r5YCwKVzSuR78U7gXk70NiOp4jdKDw08UyeIsBogyn7tEpqwAjHoTw==
expires: Tue, 15 Oct 2024 01:48:03 GMT

Redirect headers

location: https://w.ladicdn.com:443/5e54ce64f4a6442c5ac64044/logo-20200303070753.png
date: Tue, 09 Jul 2024 03:43:32 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
booking.citigym.com.vn/	1970-01-21 07:30:56	Name: LADI_DNS_CHECK Value: "2024-07-09 03:43:30.633646703 +0000 UTC m=+694022.962711073"
booking.citigym.com.vn/	1970-01-21 07:30:56	Name: LADI_CLIENT_ID Value: 5ae6bb4f-a172-4521-68cb-0190d971b087
booking.citigym.com.vn/	1970-01-21 07:30:56	Name: LADI_FORM_SUBMIT Value: 0
booking.citigym.com.vn/	1970-01-21 07:30:56	Name: LADI_PAGE_VIEW Value: 1
booking.citigym.com.vn/	1970-01-20 21:56:23	Name: _timenow Value: 1720496610743
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: pmrM0lMRypI
.youtube.com/	1970-01-21 02:14:08	Name: VISITOR_INFO1_LIVE Value: Df3LZvwodO0
.youtube.com/	1970-01-21 02:14:08	Name: VISITOR_PRIVACY_METADATA Value: CgJTRxIEGgAgZg%3D%3D
.citigym.com.vn/	1970-01-21 00:04:32	Name: _gcl_au Value: 1.1.904576390.1720496611
.citigym.com.vn/	1970-01-21 07:30:56	Name: _ga Value: GA1.3.1172255601.1720496611
.citigym.com.vn/	1970-01-20 21:56:23	Name: _gid Value: GA1.3.1316716688.1720496611
.citigym.com.vn/	1970-01-20 21:54:56	Name: _gat_gtag_UA_132995851_1 Value: 1
.citigym.com.vn/	1970-01-21 00:04:32	Name: _fbp Value: fb.2.1720496611228.241609638586052473
.citigym.com.vn/	1970-01-21 07:30:56	Name: _ga_0V26T67EHN Value: GS1.1.1720496611.1.0.1720496611.60.0.133197756
.doubleclick.net/	1970-01-21 07:30:56	Name: IDE Value: AHWqTUl2VB52LWD4x2fPHN8dRbyBDRIVtEdCqJI59WHiVUNdrQImpnXVWfJYl_Ae

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js(Line 200) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
analytics.google.com
booking.citigym.com.vn
connect.facebook.net
g.ladicdn.com
google.com
googleads.g.doubleclick.net
img.youtube.com
static.ladipage.net
stats.g.doubleclick.net
w.ladicdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.youtube.com
13.214.101.97
13.228.81.39
142.251.12.147
142.251.175.100
2404:6800:4003:c00::5d
2404:6800:4003:c00::5e
2404:6800:4003:c00::61
2404:6800:4003:c02::8a
2404:6800:4003:c02::9c
2404:6800:4003:c04::64
2404:6800:4003:c1c::8b
2600:9000:223b:6400:11:52e1:b680:93a1
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
52.76.157.212
54.179.173.60
74.125.130.155
74.125.200.94
74.125.68.102
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
0a09006f1d681981dfe2718797756be7cd13b168585683e89d92c609d061865e
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
388130c53fa2fcc0362965813254f8ebe86c83c604754a69270cd228654902a5
3c3c611b447598b7e92816ac0dd8276141fe71610ff43c2b473a2a527b7bec2e
4b81e21fec073afbcbc2f4743fb79126ec31d3c3159c8dd102db3b64dfcb2fca
54d86716fecee1adf2d23273fe078cab4b7b0db3da3459fa9a42f5312427adf2
56d25827f5cc7e68396d9752d3a3e937191fe773b49cbd1049401569315c615c
5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
700faffbcdc9690a2afb810f5b736ca35912427a5b2cccc7dc0c5141afba9209
7400efc5c3c672ce626ae9d0e64d1ff8ad49e667e085cc22514cb9d7089eea1f
79468c1163c13d089fa7649c9035be262dce2572625b20b77bd6c6e20dc914b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c95e8a2ee6a4ac7118760b27297d7f46c59b14f5363e3abfc1093230e000270
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
9e05f5b393f62f03029cfbc5b025ebcfdd0fcc70dbdafd5f52d1f82e30d12de7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b27b7231a372758fa1a632e0bbe9a638de6956c6ec74dc21e1d9ee81cf7a77c2
c3b03ce5551b370cebe97a23cb4b66d3034f2a4351536c3180f79446ee4fc142
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
cfafed18fbc1e0b01fc2ebd16437b4e47c3c3fe1107fdf3c935a181f2d5b90bc
d5145fc03837baf51805c149a9bcabb4081ca7c82149fa1de46d8e3ddc488101
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c365f45fa60b8701d32f7c325957d650d63cc9563ba8a5b4bce1527255b853
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dd1ba707058a3fd9175966fbbcb5fd8d2e1f51b7aa6775be2d5b4f5c3906ab
ecbb21d50350969468cfa2b866f559190324d91582f01866da0a6e7ecda028d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5fc814bb55660ca4732b227bcea35968d3cce86a206b4d0a09896cca615726e
f8040103a135557b9f98189af5ba1715d8bf2a7b3843cec51d4a071a52a47f30

booking.citigym.com.vn Open in urlscan Pro 54.179.173.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

53 %IPv6

12 Domains

17 Subdomains

19 IPs

2 Countries

1779 kBTransfer

3601 kBSize

15 Cookies

6 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

booking.citigym.com.vn Open in urlscan Pro
54.179.173.60 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

17
Subdomains

19
IPs

2
Countries

1779 kB
Transfer

3601 kB
Size

15
Cookies

49 HTTP transactions
1 data transactions