urlscan.io logo urlscan.io
SecurityTrails logo

support.msbacademy.com Open in urlscan Pro
54.195.66.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://support.msbacademy.com/
Effective URL: https://support.msbacademy.com/en
Submission: On November 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 54.195.66.141, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is support.msbacademy.com.
TLS certificate: Issued by R3 on November 29th 2022. Valid for: 3 months.
This is the only time support.msbacademy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    54.195.66.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-66-141.eu-west-1.compute.amazonaws.com
support.msbacademy.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    38.27.106.51 (Kennedyville, United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)
kb-production.s3.wasabisys.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
socialplugin.facebook.net
3    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
5 wasabisys.com
kb-production.s3.wasabisys.com
353 KB
5 msbacademy.com
support.msbacademy.com
34 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
4 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
socialplugin.facebook.net — Cisco Umbrella Rank: 8604
92 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
1 KB
17 6
Domain Requested by
5 kb-production.s3.wasabisys.com support.msbacademy.com
5 support.msbacademy.com 1 redirects support.msbacademy.com
3 www.facebook.com connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
1 socialplugin.facebook.net connect.facebook.net
1 connect.facebook.net support.msbacademy.com
1 fonts.googleapis.com support.msbacademy.com
17 7

This site contains links to these domains. Also see Links.

Domain
msb-academy-support.thrivedeskdocs.com
msbacademy.com
www.thrivedesk.com
Subject Issuer Validity Valid
support.msbacademy.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.s3.wasabisys.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-23 -
2023-10-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://support.msbacademy.com/en
Frame ID: 93B979AEE3228AE93505FDA3B345ACA0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MSB Academy Support Portal

Page URL History Show full URLs

  1. https://support.msbacademy.com/ HTTP 302
    https://support.msbacademy.com/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

514 kB
Transfer

832 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://support.msbacademy.com/ HTTP 302
    https://support.msbacademy.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en
support.msbacademy.com/
Redirect Chain
  • https://support.msbacademy.com/
  • https://support.msbacademy.com/en
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.66.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-66-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
131be0347f518e9461524ddc295d4fcff4164299d1bd9623222e223415444ea8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 13:22:34 GMT
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-length
378
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 13:22:34 GMT
location
https://support.msbacademy.com/en
status
302 Found
site.js
support.msbacademy.com/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.msbacademy.com/js/site.js
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.66.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-66-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef7deac2941c77f478572a020efd268489e0533140bfa6b7e9261e95435591db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:22:34 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 04:28:45 GMT
etag
"rh01rxxms"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A%7CRoboto%3A500&display=swap
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 13:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 13:22:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 13:22:34 GMT
site.css
support.msbacademy.com/css/ 		67 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.msbacademy.com/css/site.css
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.66.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-66-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f9b3e5cc6c315e618d0989b22ed0b8e4ef3ebbff0fe559090273bd4a6b7f06d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:22:34 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 06:18:59 GMT
etag
"rhq47n1hal"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
editor.css
support.msbacademy.com/css/ 		3 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.msbacademy.com/css/editor.css
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.66.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-66-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
88a97444a9ab0fda3d9179724253abee195fc43ff6d2bd5910cda638d7d051d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:22:34 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 04:28:45 GMT
etag
"rh01rx20l"
content-length
783
vary
Accept-Encoding
content-type
text/css; charset=utf-8
va4eBvaF4Y5MtSPNQFo8sqDDK86QXExiOK5bkSjE.png
kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/va4eBvaF4Y5MtSPNQFo8sqDDK86QXExiOK5bkSjE.png
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head07) /
Resource Hash
66034f0ca1a389f09d35581634b9d9ef30619af8596377e2af82d8fe44a87741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:22:35 GMT
Last-Modified
Sun, 20 Nov 2022 12:27:47 GMT
Server
WasabiS3/7.9.1306-2022-11-09-489242991d (head07)
x-amz-request-id
9912DBCC9DB4225B
ETag
"159d001e02c50aef1e8740e14b1700cb"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
23076
x-amz-id-2
oorsb/xJRfZNG/DHwFqBrtBZrbC7QHTNrzN9nCs10LmCLyVkCZTEmHpP9xmm1ab9qPudV4zmyaPX
17IzivUtFHnNHeNwpeSx6eQphfwOXjOO96gXZeIo.png
kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/17IzivUtFHnNHeNwpeSx6eQphfwOXjOO96gXZeIo.png
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head04) /
Resource Hash
b6bf7d0c03b5dc93e6ead332df532b94837843e2c3e562bbf13e4faff0119cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:22:35 GMT
Last-Modified
Sat, 26 Nov 2022 23:24:49 GMT
Server
WasabiS3/7.9.1306-2022-11-09-489242991d (head04)
x-amz-request-id
2FA189D32BFAB0D9
ETag
"ddedb9d289b421458e6da64d0098b3f4"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
109120
x-amz-id-2
Fjb78NXh0lhevlmeJVQ4N71YNUbkSrYN04asDdQ7sATj4w9nQFOLT2sA06aQlU3UO7cVCaE1iGYR
Ilrtdj26mw8OTQitYzwhRwNpm4c385OazD9QUy6W.png
kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/Ilrtdj26mw8OTQitYzwhRwNpm4c385OazD9QUy6W.png
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head11) /
Resource Hash
7680256f7afe18325430c29d5218e2cab7a58f745fe789485b071147c17a167b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:22:35 GMT
Last-Modified
Sat, 26 Nov 2022 23:10:07 GMT
Server
WasabiS3/7.9.1306-2022-11-09-489242991d (head11)
x-amz-request-id
B86AC430E8770800
ETag
"599c2d0aa4e3773a82a56499a1b006a0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
147503
x-amz-id-2
wMacYFRY7AZbrJ20a5SU1VHlFwI/fAwDk2FlwxWduP/FJ2G9D6O9sSQ+zVlYiFiY1T8kngONjeLC
ZzyuX91rCA22GkE3YWYOzFdTiJZHOCkG6Jx07BtE.png
kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ZzyuX91rCA22GkE3YWYOzFdTiJZHOCkG6Jx07BtE.png
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head17) /
Resource Hash
f5d40446c30ba246aff592b242811caf53023f88b852c761f216661b1082a953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:22:35 GMT
Last-Modified
Sun, 20 Nov 2022 12:12:31 GMT
Server
WasabiS3/7.9.1306-2022-11-09-489242991d (head17)
x-amz-request-id
545A276DA1BEC557
ETag
"6a9c9eb9f598717ab88819a6e31c3f9d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
54484
x-amz-id-2
A/P5putyx5ikwNb1PFpAeULs81CPft8V5z9a5Ok9GC0qaoXcF5HLPDL3lKohoqc9l8i0YC31N9gG
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		320 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73d2435c63caf38c8a08263c3774679b63f37a70ce4bb21429d54f95a8ba26d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 13:22:34 GMT
content-md5
Ij77kPgXJCWSpdHXn97/Ug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92387
x-fb-rlafr
0
x-fb-debug
98FKmxygqNf+1ANscru+j4my+jsoxWTK1XqCb6SZWLQ3gC6b7OMN1AAlI6IchfnHrjphKy41uM9MkcB3aAgB+Q==
x-fb-trip-id
917726464
x-fb-content-md5
1c2480ce951ad6a3b8ccfdc4311f001b
cross-origin-opener-policy
same-origin-allow-popups
etag
"26f2e9276d1dd500f18fdb033580ed58"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 29 Nov 2022 13:32:49 GMT
kEB8qsiaHaFdE51cqZ7TaiERDOAVge3gzTEjE9Xo.jpg
kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-production.s3.wasabisys.com/97ca2e5074b74adcade815b72eeaf62a/kEB8qsiaHaFdE51cqZ7TaiERDOAVge3gzTEjE9Xo.jpg
Requested by
Host: support.msbacademy.com
URL: https://support.msbacademy.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head22) /
Resource Hash
553707045356b244b9c2ee8b42b511ba2bd83d5454ec36a679e9502fc156e4a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.msbacademy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 13:22:35 GMT
Last-Modified
Sat, 26 Nov 2022 22:43:02 GMT
Server
WasabiS3/7.9.1306-2022-11-09-489242991d (head22)
x-amz-request-id
25BEFFA66049A7B9
ETag
"71790154e603f6983ef29bcf72227831"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
25034
x-amz-id-2
PcBT4yBlixZMg6ciGskEDKZUC4wPCEaTBtA1VesTs9sQDCYth1DnbC4WHH6BcP2qpH4n8SGjIgAG
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A%7CRoboto%3A500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.msbacademy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options
nosniff
age
493929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 20:10:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A%7CRoboto%3A500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.msbacademy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
346061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 13:14:53 GMT
/
socialplugin.facebook.net/new_domain_gating/ 		40 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=641932259251272&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://support.msbacademy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 13:22:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
lPX67C7Oj/HSOoTh3O1SdqryRkLklnMXnVP4DpG91kfYveR1ENiirMqvdu+gBoYpn8f4nIjMrdM/z6vo4zvgMQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://support.msbacademy.com
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c02204e28186%26domain%3Dsupport.msbacademy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsupport.msbacademy.com%252Ff27a0d18b82bd0c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fsupport.msbacademy.com%2Fen&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=ad7f8ac5-75cf-40c6-84fd-326076b9a797&page_id=641932259251272&request_time=1669728156376&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://support.msbacademy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 13:22:36 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
KJthN8DIDlZmLcqW25gQLBHJIFtUFvd0svG4A2Lhg0UfM8kPfsdyEy6ZsjjNvJnnAxva18xR2oAzBctU1XxTiw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://support.msbacademy.com
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c02204e28186%26domain%3Dsupport.msbacademy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsupport.msbacademy.com%252Ff27a0d18b82bd0c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fsupport.msbacademy.com%2Fen&is_loaded_by_facade=true&locale=en_US&log_id=ad7f8ac5-75cf-40c6-84fd-326076b9a797&page_id=641932259251272&request_time=1669728156376&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72260416818ab169e9f32f1bcbb23f2e3547ddea968d639ff8b8bb065f2def2b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://support.msbacademy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 29 Nov 2022 13:22:36 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
Q6u7WTD1fjRDY6olyK7BfNs+h4/i0lCdXS8PQtZMzgtmlWdhuinMti/+MuakU4Nr64Tb+mj3L0x9NiOfPsnjbg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://support.msbacademy.com
cache-control
private, no-cache, no-store, must-revalidate
x-frame-options
DENY
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c02204e28186%26domain%3Dsupport.msbacademy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsupport.msbacademy.com%252Ff27a0d18b82bd0c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fsupport.msbacademy.com%2Fen&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=256&locale=en_US&log_id=ad7f8ac5-75cf-40c6-84fd-326076b9a797&page_id=641932259251272&request_time=1669728156632&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://support.msbacademy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 13:22:36 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
JjBEW1ChEqxj9Yl4X70FpjHx/KRyuu2U7pPI1MM7+wdgP8jzJ/DWx2by5nI96hSyknih7Lk1Ee/nSZnz1QYU6w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://support.msbacademy.com
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| chatbox function| fbAsyncInit object| utils object| tocbot function| openModalById object| FB

2 Cookies

Domain/Path Name / Value
support.msbacademy.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdhbXNFdU9uT0ZOSUJ2TWZuZllIUHc9PSIsInZhbHVlIjoicXErUHZsai8zNzBTNmJrZVpkcTVNQWNmbnp4dXAzaUNxQ28zWTU4SjBmSmpNQjR3My9WcUJ3Y0lVSGJwcDYyK2o0ejI2TzgrRjJ3RFVNUUZIS3dwVm9yQTdOQkxpZWN3ZDJMM0d1Q3IyNjJhOEFUVzE3Wmswalltd05MNlE4emUiLCJtYWMiOiI3MTkwMjhlNzg5ZGQ4OGQ2NDk3MTE0NzgzYWNkZGUxZGEzYTRiYmE4NjBkZjI5MWE5MGRiZWFhODE3ZmQ1YTExIiwidGFnIjoiIn0%3D
support.msbacademy.com/ Name: thrive_kb_session
Value: eyJpdiI6Ill3UC9WV0pwS1RwcW1YNDJYaTdXRmc9PSIsInZhbHVlIjoiMlV3VGJ1a01UeTdkYVpHNmlObThvTkVOcFBGV0hwNjZsWHNsNm5QeGcvQnoxeTRDUXRzZ0lVdDBTc2dOOEQrOW15TmZXTGgwNTRBaktWcXBrblZKYW85VVZYaFRzYkJVY0pjWXBYYXI5ZHJNcXVZb0JFN0Q5Vzc4RTRhOWt6eDciLCJtYWMiOiI4NmY2ZjlhZGIyMzg4MjhlOTc2MzE0NzUwMTVkZTFiOTc5NzM3MDcxODcyYzQyNzY0ZGYwZThhMGRlMmUwNjllIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
kb-production.s3.wasabisys.com
socialplugin.facebook.net
support.msbacademy.com
www.facebook.com
2a00:1450:4001:806::200a
2a00:1450:4001:82f::2003
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
38.27.106.51
54.195.66.141
131be0347f518e9461524ddc295d4fcff4164299d1bd9623222e223415444ea8
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
553707045356b244b9c2ee8b42b511ba2bd83d5454ec36a679e9502fc156e4a9
66034f0ca1a389f09d35581634b9d9ef30619af8596377e2af82d8fe44a87741
72260416818ab169e9f32f1bcbb23f2e3547ddea968d639ff8b8bb065f2def2b
73d2435c63caf38c8a08263c3774679b63f37a70ce4bb21429d54f95a8ba26d3
7680256f7afe18325430c29d5218e2cab7a58f745fe789485b071147c17a167b
7f9b3e5cc6c315e618d0989b22ed0b8e4ef3ebbff0fe559090273bd4a6b7f06d
88a97444a9ab0fda3d9179724253abee195fc43ff6d2bd5910cda638d7d051d9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6bf7d0c03b5dc93e6ead332df532b94837843e2c3e562bbf13e4faff0119cfe
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef7deac2941c77f478572a020efd268489e0533140bfa6b7e9261e95435591db
f5d40446c30ba246aff592b242811caf53023f88b852c761f216661b1082a953
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615