facebookstart.bitgroup.vn Open in urlscan Pro
13.250.255.10  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response facebookstart.bitgroup.vn/	132 KB 22 KB	570ms 169ms	Document text/html	13.250.255.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.250.255.10 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 9e26ebc3e65cf20f9d3379d737516114f5e8bb7cedb2dd24008b9ce18bb6b890 Request headers :method GET :authority facebookstart.bitgroup.vn :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server openresty date Fri, 24 Sep 2021 03:12:54 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 set-cookie LADI_CLIENT_ID=404f13ee-53c7-448d-4a4d-773a36f6f703; Expires=Mon, 22 Sep 2031 03:12:54 GMT LADI_PAGE_VIEW=0; Expires=Mon, 22 Sep 2031 03:12:54 GMT LADI_FORM_SUBMIT=0; Expires=Mon, 22 Sep 2031 03:12:54 GMT LADI_PAGE_VIEW=1; Expires=Mon, 22 Sep 2031 03:12:54 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0 statuscode 200 content-encoding gzip
GET H2	200	css fonts.googleapis.com/	17 KB 2 KB	79ms 31ms	Stylesheet text/css	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software ESF / Resource Hash ddaba2821a4422ab0adcd7d8eb4824494ede5845bdb7eb56f17c13e9c38ef1d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 24 Sep 2021 03:12:54 GMT server ESF date Fri, 24 Sep 2021 03:12:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Sep 2021 03:12:54 GMT
GET H2	200	ladipage.vi.min.js Show response w.ladicdn.com/v2/source/	272 KB 62 KB	96ms 27ms	Script text/javascript	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1620704888272 Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b239f620e0fd02feb88c7a4bb661fdad457e2a809ac2ef68bf970cd9fddd69ab Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 634284 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5748d66c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	c.js Show response c.trazk.com/	193 B 713 B	656ms 522ms	Script application/javascript	104.21.20.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.trazk.com/c.js Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4360b575ca69304797515680cd78b6ef27e6d6ef0a38d7daff474bc1b55aa1bb Security Headers Name Value X-Frame-Options ALLOWALL Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:55 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options ALLOWALL report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muPpE0yE3hGDA6KV1FqamqnPUe67ghgcTAtNbnCFSnloz0K1wzbQMVz9RzYurhvUBGfRHoYfkC%2BpRR%2FlIPcJzGwC2h3cDRdna%2FV%2F89IEMPZWMtUj5MA9JTsCQU9vyw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cf-ray 6938d575db5c4055-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	ladipage.min.css w.ladicdn.com/v2/source/	65 KB 7 KB	21ms 20ms	Stylesheet text/css	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.min.css?v=1620704888272 Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045 Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 11738944 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5750db2c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	xfbml.customerchat.js Show response connect.facebook.net/vi_VN/sdk/	300 KB 86 KB	140ms 7ms	Script application/x-javascript	31.13.92.14 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frt3.fbcdn.net Software / Resource Hash 42cfd744767302efc3d1e0ffd487ebc16146f0921857bf2f53da6a7f4da434bd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 aX2lU1g56wSp/GviuzRmLw== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 87273 x-fb-rlafr 0 x-fb-debug T/VOpfH6YKXslD/Qld2MLg6fHzXin0DZVnGT0QAxTZpQjO/TzaREk0D5elauq1nRuTZxvSFNB0DXowgUxS97LA== x-fb-trip-id 686109401 x-fb-content-md5 3cebebfe8e70690a5caca1a9619c6a32 x-frame-options DENY date Fri, 24 Sep 2021 03:12:54 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "e67fdf06ea5e67bdc150793c440ea399" timing-allow-origin * expires Fri, 24 Sep 2021 03:25:10 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	155ms 23ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 17:03:52 GMT x-content-type-options nosniff age 36542 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 23 Sep 2022 17:03:52 GMT
GET H2	200	neILzCirqoswsqX9zoKmMw.woff2 fonts.gstatic.com/s/lobster/v23/	33 KB 33 KB	215ms 84ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoKmMw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash c5f64eafdc8767d3c827776ba86c7a5b934ff74abced803c7196cca9d45a0204 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 17 Sep 2021 07:53:08 GMT x-content-type-options nosniff age 587986 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33428 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:07:37 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 17 Sep 2022 07:53:08 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	183ms 52ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 01:25:05 GMT x-content-type-options nosniff age 179269 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 22 Sep 2022 01:25:05 GMT
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.gstatic.com/s/quicksand/v24/	25 KB 25 KB	203ms 72ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:51:14 GMT x-content-type-options nosniff age 112900 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25700 x-xss-protection 0 last-modified Mon, 26 Jul 2021 18:17:05 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Sep 2022 19:51:14 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v26/	31 KB 31 KB	230ms 102ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 17:10:57 GMT x-content-type-options nosniff age 36117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31404 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 23 Sep 2022 17:10:57 GMT
GET H2	200	neILzCirqoswsqX9zoymM5Ez.woff2 fonts.gstatic.com/s/lobster/v23/	26 KB 27 KB	208ms 90ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoymM5Ez.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 93b6be93155108a375512d5c0651ca3d0929a61d38dfc7e6b2d129ef8b424aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 20 Sep 2021 07:32:38 GMT x-content-type-options nosniff age 330016 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27084 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:09:52 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Sep 2022 07:32:38 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2 fonts.gstatic.com/s/montserrat/v18/	16 KB 16 KB	206ms 95ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash a0f6078ddaeef5f86b7e6ed74247c6ade57731a4c6ff797dbfa4b3ead20b4392 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 18 Sep 2021 16:14:57 GMT x-content-type-options nosniff age 471477 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16764 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:21:06 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 Sep 2022 16:14:57 GMT
GET H2	200	6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2 fonts.gstatic.com/s/quicksand/v24/	22 KB 22 KB	192ms 99ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash bec6a45817bbf822306e8f9ce66d477125af108a0f81ee411c2386515dee19d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 17 Sep 2021 09:22:59 GMT x-content-type-options nosniff age 582595 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22120 x-xss-protection 0 last-modified Mon, 26 Jul 2021 18:18:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 17 Sep 2022 09:22:59 GMT
GET H2	200	1000x345-logobitwhite-20201126133317.png w.ladicdn.com/s400x350/5fab3fb5d5a5b24b34178ff4/	16 KB 16 KB	216ms 215ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s400x350/5fab3fb5d5a5b24b34178ff4/1000x345-logobitwhite-20201126133317.png Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58c27048862a435560e3839585537cf74acbcddf3bd780eb5e7cfe44ec7b6a4f Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=34009 content-disposition inline; filename="1000x345-logobitwhite-20201126133317.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5755ddfc4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	nen-2-1557062989.jpg w.ladicdn.com/s1440x933/59b74acbffb7337f927ce0ed/	11 KB 11 KB	197ms 196ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x933/59b74acbffb7337f927ce0ed/nen-2-1557062989.jpg Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f045183310a7eae1bc37754cb51cce37e5ce144ed7a56365ba543ba3f347826a Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=28790 content-disposition inline; filename="nen-2-1557062989.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5755de2c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	group-3-copy-1559024667.png w.ladicdn.com/s1350x1050/59b74acbffb7337f927ce0ed/	115 KB 115 KB	197ms 197ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1350x1050/59b74acbffb7337f927ce0ed/group-3-copy-1559024667.png Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09f5016d01cc64657b49d95e5b6f9a5352b9943d2671bbf4a43050bb0b63679a Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=212319 content-disposition inline; filename="group-3-copy-1559024667.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5755de3c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	nguoi1-1557062144.png w.ladicdn.com/s850x850/59b74acbffb7337f927ce0ed/	56 KB 56 KB	208ms 208ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s850x850/59b74acbffb7337f927ce0ed/nguoi1-1557062144.png Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af2bd18fdcdca720e1b3ccf5f689c619e9cc0962427fc90a17bd9b013d70c768 Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=93791 content-disposition inline; filename="nguoi1-1557062144.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5755de5c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	n2-1557109064.png w.ladicdn.com/s1440x809/59b74acbffb7337f927ce0ed/	5 KB 6 KB	185ms 185ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x809/59b74acbffb7337f927ce0ed/n2-1557109064.png Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f20857261badacb714f6857b592ba4893363f12fb6cc50a35881ef1057255d17 Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=14101 content-disposition inline; filename="n2-1557109064.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d5755de6c4d1-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET DATA	200 OK	truncated /	208 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ad788b14129415c931def942e977675ce8334b23abdacb31c9c94163f45dc6b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
OPTIONS H2	200	event a.ladipage.com/ Frame	0 0	527ms 166ms	Preflight application/json	18.136.80.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Server 18.136.80.214 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-136-80-214.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily Origin https://facebookstart.bitgroup.vn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 24 Sep 2021 03:12:55 GMT content-type application/json; charset=utf-8 x-frame-options SAMEORIGIN x-xss-protection 0 x-content-type-options nosniff x-download-options noopen access-control-allow-origin * access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-max-age 2592000 vary Accept-Encoding content-encoding gzip
POST H2	200	event Show response a.ladipage.com/	34 B 560 B	172ms 171ms	XHR text/plain	18.136.80.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1620704888272 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.136.80.214 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-136-80-214.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID 404f13ee-53c7-448d-4a4d-773a36f6f703 LADI_PAGE_VIEW_DAILY 0 LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT_DAILY 0 LADI_CAMP_ID Accept-Language de-DE,de;q=0.9 LADI_CAMP_FORM_SUBMIT 0 LADI_CAMP_TYPE LADI_CAMP_FORM_SUBMIT_DAILY 0 LADI_CAMP_PAGE_VIEW_DAILY 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 LADI_FORM_SUBMIT 0 LADI_CAMP_NAME Content-Type application/json Referer https://facebookstart.bitgroup.vn/ LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 LADI_PAGE_VIEW 1 Response headers date Fri, 24 Sep 2021 03:12:55 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H3	200	logo-phone-1567088551.png w.ladicdn.com/s400x400/59b74acbffb7337f927ce0ed/	4 KB 5 KB	186ms 185ms	Image image/webp	104.18.12.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s400x400/59b74acbffb7337f927ce0ed/logo-phone-1567088551.png Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.12.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d19dd847901ff52f32f9b28771b0bddaeba952dd4cb092b49f65c1c4b277b8cc Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT vary Accept cf-cache-status HIT cf-polished origFmt=png, origSize=9079 content-disposition inline; filename="logo-phone-1567088551.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 2592000 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 6938d575f9a9876a-DUS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials expires Sat, 24 Sep 2022 03:12:54 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 425 B	30ms 12ms	Image image/gif	31.13.92.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1678638095724206&ev=fb_page_view&dl=https%3A%2F%2Ffacebookstart.bitgroup.vn%2F&rl=&if=false&ts=1632453174744&sw=1600&sh=1200&at= Requested by Host: facebookstart.bitgroup.vn URL: https://facebookstart.bitgroup.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frt3.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:54 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Fri, 24 Sep 2021 03:12:54 GMT
GET H3	200	neILzCirqoswsqX9zo2mM5Ez.woff2 fonts.gstatic.com/s/lobster/v23/	13 KB 13 KB	60ms 32ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zo2mM5Ez.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash d503c5cdad825201613d53fa59858a9d5084fa4d7ad2045cfd6dd986aa5bb095 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 20 Sep 2021 07:35:22 GMT x-content-type-options nosniff age 329852 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13520 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:06:02 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Sep 2022 07:35:22 GMT
GET H3	200	JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2 fonts.gstatic.com/s/montserrat/v18/	7 KB 7 KB	55ms 28ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash a49e67ec1d9199fe4b0093def42da878674848cdcb044628bde09f888d5d2d72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 00:45:23 GMT x-content-type-options nosniff age 95251 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6748 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:57 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Sep 2022 00:45:23 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v26/	14 KB 14 KB	28ms 21ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 17:17:31 GMT x-content-type-options nosniff age 35723 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14016 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:12 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 23 Sep 2022 17:17:31 GMT
GET H3	200	6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2 fonts.gstatic.com/s/quicksand/v24/	7 KB 7 KB	32ms 26ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular|Montserrat:bold,regular|Quicksand:bold,regular|Roboto:bold,regular&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 5caf527ce57ab222bce6fbd1eb68801e1378ce4773be45d838bc77b00c0ddd40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://facebookstart.bitgroup.vn Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 19 Sep 2021 14:44:45 GMT x-content-type-options nosniff age 390489 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6768 x-xss-protection 0 last-modified Mon, 26 Jul 2021 18:16:49 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 19 Sep 2022 14:44:45 GMT
GET H2	200	widgets.js Show response w.trazk.com/v9/	81 KB 16 KB	553ms 533ms	Script application/javascript	104.21.20.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://w.trazk.com/v9/widgets.js Requested by Host: c.trazk.com URL: https://c.trazk.com/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 563380264f3f44933c67eb4a82a886025fd3d3982e960bd994c7c45377c98159 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 24 Sep 2021 03:12:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 22 Sep 2021 07:04:08 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"1434a-17c0c519e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FcfVrKcDG3doJG%2FTDfEnvY4prz6n5iIhfWFdWNJkxZOUyBweCtqxffeVaW%2Ba%2BDg6LCjcU90hxnQmRQJh%2FioXZ30vYZsWqz7kEiHNx7FwGigNWHJvZZD%2B%2BjdXYdJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 6938d5794d5d4055-CDG
OPTIONS H2	204	visitor v9tracking.trazk.com/ Frame	0 0	591ms 530ms	Preflight	104.21.20.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://v9tracking.trazk.com/visitor Protocol H2 Server 104.21.20.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://facebookstart.bitgroup.vn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 24 Sep 2021 03:12:56 GMT content-length 0 x-powered-by Express access-control-allow-origin * access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE vary Access-Control-Request-Headers access-control-allow-headers content-type x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNVCDDeZEKM3DipWTNM2Xfk2tL27kRnvoLXDY9eh662kXRD2Bx4%2Bp1AvblNX8fblyIXATpXGPkPpjB9n89%2BnvVngHwyBB6oRmOFqHdkDp3m1jrhifUrT%2Bp7EgffoedzjCSIvEKEkpA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6938d57d0c4e407b-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	200	visitor Show response v9tracking.trazk.com/	16 B 649 B	1058ms 1036ms	Fetch application/json	104.21.20.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://v9tracking.trazk.com/visitor Requested by Host: w.trazk.com URL: https://w.trazk.com/v9/widgets.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.20.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c6e71bc460b5fad5ab3ee4a886d0e94f715abb9ed26a00010493855a6b5f3ed8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://facebookstart.bitgroup.vn/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers date Fri, 24 Sep 2021 03:12:57 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 16 x-xss-protection 1; mode=block server cloudflare etag W/"10-A2qCN/gnXMIaGlfn/6S2v9rwKAg" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0zOgqmMzR17HJZp%2B8yOswdWueE5VTC94IyoS5IjxaibIx2bq3TPs7LPfcWJFLhGZNSYmY7RrkvYo1M04DIkliMQalgoC4bSdL2S7weqNFasll3Uf0fyXSWw0SFWwW1ZJuwQ3LiyvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 6938d5807bdecddf-CDG
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/	86 KB 31 KB	70ms 21ms	Script text/javascript	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: w.trazk.com URL: https://w.trazk.com/v9/widgets.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 08:01:32 GMT content-encoding gzip x-content-type-options nosniff age 155483 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Thu, 22 Sep 2022 08:01:32 GMT
GET H3	200	customerchat.php www.facebook.com/v3.0/plugins/ Frame 75E8	0 0	75ms 67ms	Document text/html	31.13.92.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v3.0/plugins/customerchat.php?app_id=1678638095724206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12c3f3737179d4%26domain%3Dfacebookstart.bitgroup.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffacebookstart.bitgroup.vn%252Ffb11eb2b066264%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ffacebookstart.bitgroup.vn%2F&locale=vi_VN&logged_in_greeting=B%E1%BA%A1n%20c%E1%BA%A7n%20t%C6%B0%20v%E1%BA%A5n%20kh%C3%B3a%20Facebook%3F%20Chat%20ngay%20nh%C3%A9.&logged_out_greeting=B%E1%BA%A1n%20c%E1%BA%A7n%20t%C6%B0%20v%E1%BA%A5n%20kh%C3%B3a%20Facebook%3F%20Chat%20facebook%20ngay%20nh%C3%A9.&page_id=1931570763808238&ref=&request_time=1632453175889&sdk=joey&theme_color=%23ea7037 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frt3.facebook.com Software / Resource Hash Security Headers Name Value Content-Security-Policy frame-ancestors https://www.facebook.com; default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /v3.0/plugins/customerchat.php?app_id=1678638095724206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12c3f3737179d4%26domain%3Dfacebookstart.bitgroup.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffacebookstart.bitgroup.vn%252Ffb11eb2b066264%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ffacebookstart.bitgroup.vn%2F&locale=vi_VN&logged_in_greeting=B%E1%BA%A1n%20c%E1%BA%A7n%20t%C6%B0%20v%E1%BA%A5n%20kh%C3%B3a%20Facebook%3F%20Chat%20ngay%20nh%C3%A9.&logged_out_greeting=B%E1%BA%A1n%20c%E1%BA%A7n%20t%C6%B0%20v%E1%BA%A5n%20kh%C3%B3a%20Facebook%3F%20Chat%20facebook%20ngay%20nh%C3%A9.&page_id=1931570763808238&ref=&request_time=1632453175889&sdk=joey&theme_color=%23ea7037 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://facebookstart.bitgroup.vn/ accept-encoding gzip, deflate, br cookie fr=0YatM3NnflrBg1h3L..BhTUI2...1.0.BhTUI2. Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://facebookstart.bitgroup.vn/ Response headers vary Accept-Encoding content-encoding br report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true} x-fb-rlafr 0 cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy frame-ancestors https://www.facebook.com; default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; facebook-api-version v8.0 strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug L88gjuhxvlGg8hKRzW4r13LCqRgGOlwxUKKMZbquF3Y2gsHhXB42YdcMy2/R/ghAJgk/zgDPR00KV/n6o2kXNw== date Fri, 24 Sep 2021 03:12:55 GMT alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| ladi_viewport boolean| ladi_is_desktop object| fbMessengerPlugins function| fbAsyncInit string| url_string object| url object| utm_source function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi function| ladi_fbq object| LadiPageApp object| FB object| ac string| customer_key string| metaImg string| referrer string| customer_uuid string| cookieCustomer_uuid function| loadScriptAsync function| $j function| refeshData string| modalJsCSS function| sendLocalLog function| setCookie function| getCookie function| uuidv4 function| loadJqueryRemote function| logVisitorHitV9 function| initModal function| initChatApp function| doLoader boolean| fffLoadWidgets undefined| $ undefined| jQuery function| mobilecheck

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			facebookstart.bitgroup.vn/	1970-01-23 13:03:33	Name: LADI_CLIENT_ID Value: 404f13ee-53c7-448d-4a4d-773a36f6f703
			facebookstart.bitgroup.vn/	1970-01-23 13:03:33	Name: LADI_FORM_SUBMIT Value: 0
			facebookstart.bitgroup.vn/	1970-01-23 13:03:33	Name: LADI_PAGE_VIEW Value: 1
			facebookstart.bitgroup.vn/	1969-12-31 23:59:59	Name: _timenow Value: 1632453174685
			.facebook.com/	1970-01-19 23:37:09	Name: fr Value: 0YatM3NnflrBg1h3L..BhTUI2...1.0.BhTUI2.
			facebookstart.bitgroup.vn/	1969-12-31 23:59:59	Name: customer_uuid Value: 7b6f82d5-2c11-za2c-87ea-eb3582665d32

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://www.facebook.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.facebook.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
ajax.googleapis.com
c.trazk.com
connect.facebook.net
facebookstart.bitgroup.vn
fonts.googleapis.com
fonts.gstatic.com
v9tracking.trazk.com
w.ladicdn.com
w.trazk.com
www.facebook.com
104.18.12.68
104.21.20.207
13.250.255.10
142.250.185.234
142.250.186.35
142.250.186.74
18.136.80.214
31.13.92.14
31.13.92.36
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09f5016d01cc64657b49d95e5b6f9a5352b9943d2671bbf4a43050bb0b63679a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045
3ad788b14129415c931def942e977675ce8334b23abdacb31c9c94163f45dc6b
42cfd744767302efc3d1e0ffd487ebc16146f0921857bf2f53da6a7f4da434bd
4360b575ca69304797515680cd78b6ef27e6d6ef0a38d7daff474bc1b55aa1bb
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
563380264f3f44933c67eb4a82a886025fd3d3982e960bd994c7c45377c98159
58c27048862a435560e3839585537cf74acbcddf3bd780eb5e7cfe44ec7b6a4f
5caf527ce57ab222bce6fbd1eb68801e1378ce4773be45d838bc77b00c0ddd40
73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974
93b6be93155108a375512d5c0651ca3d0929a61d38dfc7e6b2d129ef8b424aa9
9e26ebc3e65cf20f9d3379d737516114f5e8bb7cedb2dd24008b9ce18bb6b890
a0f6078ddaeef5f86b7e6ed74247c6ade57731a4c6ff797dbfa4b3ead20b4392
a49e67ec1d9199fe4b0093def42da878674848cdcb044628bde09f888d5d2d72
af2bd18fdcdca720e1b3ccf5f689c619e9cc0962427fc90a17bd9b013d70c768
b239f620e0fd02feb88c7a4bb661fdad457e2a809ac2ef68bf970cd9fddd69ab
bec6a45817bbf822306e8f9ce66d477125af108a0f81ee411c2386515dee19d8
c5f64eafdc8767d3c827776ba86c7a5b934ff74abced803c7196cca9d45a0204
c6e71bc460b5fad5ab3ee4a886d0e94f715abb9ed26a00010493855a6b5f3ed8
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
d19dd847901ff52f32f9b28771b0bddaeba952dd4cb092b49f65c1c4b277b8cc
d503c5cdad825201613d53fa59858a9d5084fa4d7ad2045cfd6dd986aa5bb095
ddaba2821a4422ab0adcd7d8eb4824494ede5845bdb7eb56f17c13e9c38ef1d0
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f045183310a7eae1bc37754cb51cce37e5ce144ed7a56365ba543ba3f347826a
f20857261badacb714f6857b592ba4893363f12fb6cc50a35881ef1057255d17