bmslide.hoangthay.vn Open in urlscan Pro
52.220.48.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bmslide.hoangthay.vn/
Submission: On December 11 via api (December 11th 2023, 6:10:27 pm UTC) from US — Scanned from US

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 61 HTTP transactions. The main IP is 52.220.48.161, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is bmslide.hoangthay.vn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 23rd 2023. Valid for: 3 months.

This is the only time bmslide.hoangthay.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.220.48.161 52.220.48.161	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
7	2600:9000:210... 2600:9000:210b:aa00:11:52e1:b680:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	23.47.144.11 23.47.144.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
4	3.1.38.220 3.1.38.220	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f082:108:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f082:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
61	11

1 52.220.48.161 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-48-161.ap-southeast-1.compute.amazonaws.com

bmslide.hoangthay.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:210b:aa00:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.47.144.11 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-144-11.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.1.38.220 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f082:9:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-ord5-2.xx.fbcdn.net — Cisco Umbrella Rank: 3512 scontent-ord5-1.xx.fbcdn.net — Cisco Umbrella Rank: 3765	284 KB
9	gstatic.com fonts.gstatic.com	217 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	17 KB
7	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 61342	862 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	146 KB
4	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 86225	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	214 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	hoangthay.vn bmslide.hoangthay.vn	72 KB
61	9

	Domain	Requested by
12	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
9	fonts.gstatic.com	fonts.googleapis.com
9	www.facebook.com	bmslide.hoangthay.vn static.xx.fbcdn.net connect.facebook.net
7	w.ladicdn.com	bmslide.hoangthay.vn w.ladicdn.com
5	analytics.tiktok.com	bmslide.hoangthay.vn analytics.tiktok.com
4	a.ladipage.com	w.ladicdn.com
4	connect.facebook.net	bmslide.hoangthay.vn connect.facebook.net
2	fonts.googleapis.com	bmslide.hoangthay.vn
1	scontent-ord5-1.xx.fbcdn.net	www.facebook.com
1	scontent-ord5-2.xx.fbcdn.net	www.facebook.com
1	bmslide.hoangthay.vn
61	11

This site contains links to these domains. Also see Links.

Domain
m.me
hoangthay.vn

Subject Issuer	Validity	Valid
ssl.default.ladipage.vn ZeroSSL RSA Domain Secure Site CA	`2023-02-23` - `2023-05-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bmslide.hoangthay.vn/
Frame ID: F8B02F5C5E8AD61ED0284BDBDBA52962
Requests: 41 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FBMSLIDE%26tabs%3Dtimeline%26width%3D300%26height%3D300%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 6DBAFC85D8EE7D5A8FA0AF87B05BC356
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BMSLIDE - Học viện thiết kế SLIDE POWERPOINT Số một Hải Phòng

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

61
Requests

89 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1816 kB
Transfer

4354 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://m.me/BMSLIDE
Title: LIÊN HỆ NGAY

Search URL Search Domain Scan URL

URL: http://hoangthay.vn/
Title: ABOUT ME

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bmslide.hoangthay.vn/ 624 KB
72 KB 1529ms
267ms Document
text/html 52.220.48.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.220.48.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-48-161.ap-southeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

dbf7235b5851482c5e2affdc6449d30b8b5fe98d21cddcd91f886bd8fb4e378c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 18:10:19 GMT
server: openresty
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 148ms
59ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3eb6cb1ffcc029a415745fa6db84612ac969f5e9bcf763901d3a30d4c3714ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 18:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:10:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 18:10:20 GMT

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 374 KB
86 KB 208ms
51ms Script
text/javascript 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1675332219273
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 930c2c53bd84d481d8ed2d54855411f7dc0cf8d5ea6cc6265b65bf2a2170a17f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:02:24 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 2322476
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: -LJlssUP23B8wy_U4XlC_piZTZ5NJDlgDylLgNqgB_GQLAzv4_FQQg==
expires: Wed, 13 Nov 2024 21:02:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 168ms
55ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 18:10:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: AvBrdvIA+G640gbazOXCFzvKElgk6JB2P6hGEUM/nSKnpnEzqh+fbrbrPqEH6U3jVGACOykdodNBLfePpVO02A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 317 KB
90 KB 273ms
178ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73a8c4482fd3d17c296499dcb8acbc84af592d96eea3805516d81e5a0055d355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 18:10:20 GMT
content-md5: 5+1QkwAG8Bp15J6EM/tXKw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92216
reporting-endpoints
x-fb-debug: 8icUdQNmQPCPuSRwV6ET2+YEBpYouU8dVjTXtKnATcmtgGMhl83tA5pvNXHWv0XlrcXzJ613CVwHgydlL0hSpQ==
x-fb-content-md5: 680f9644cae2c4d6e1f53705b1bd648d
cross-origin-opener-policy: same-origin-allow-popups
etag: "b48205336bd44a3a9f0e49dea584f44c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:12:27 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 183ms
74ms Script
application/javascript 23.47.144.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFE7A3BC77U6J4U00590&lib=ttq
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.144.11 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-144-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 60ccaf2657d4e07b907ee6897ee642736d91d74b08df25e4ba5085d9bfee1059

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: d57b26d3.234abfcc
date: Mon, 11 Dec 2023 18:10:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121118102053B292A4855B6B23DE08-76633D163860A2BC-00
x-cache: TCP_MISS from a23-54-64-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 16,23.54.64.75
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=8, inner; dur=5
content-length: 1335
pragma: no-cache
server: nginx
x-tt-logid: 2023121118102053B292A4855B6B23DE08
x-cache-remote: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.200.133
x-tt-trace-host: 018ade9c088af9ff703dde8fbc65863764020812ccb64519b573acaa54ed5738062ab70f5e80865e6ebd178301f1c8ccc273ac519a6f6297de88a11149e30e6542cf0cf66cab2433f3d62f8fa8227aa52fba7b61100c5eaf58b80bba86f29624e5ad76e5ee05ec8e33d594088b89c3faad
expires: Mon, 11 Dec 2023 18:10:20 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 6DBA 40 KB
15 KB 289ms
177ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7d37f3220de96b4afdd6d2c8b9e2984a4b7c888e5b8a0a822afca211677dcea

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bmslide.hoangthay.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 18:10:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: MNtUJZi1Ulzc0+QxUsSJY+Y0JpfXBF8fat4BJ5hDTan9CSRTHfFhiqhrd+3V8uCG2EtaVYcr757qxNUwXAvAbQ==
x-xss-protection: 0

GET
H2 200 sl1220203905022-converted-20210630073119.png
w.ladicdn.com/s700x1700/5ffc11e29f4da2001177050f/ 305 KB
304 KB 1061ms
1061ms Image
image/png 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s700x1700/5ffc11e29f4da2001177050f/sl1220203905022-converted-20210630073119.png
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e4dc467087cf29199ce8077c0b01e8826339ae642c1942ff16e1f25e13cd24a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: AP4JOay1835YdQLxtUgLvhKFkdreqwgwutSe0aL7dOecNk1Mf3cM9Q==
expires: Tue, 10 Dec 2024 18:10:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 269ms
160ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:31 GMT
x-content-type-options: nosniff
age: 588409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:43:31 GMT

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 18 KB
18 KB 244ms
134ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:09:29 GMT
x-content-type-options: nosniff
age: 464451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:09:29 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
28 KB 163ms
54ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:18:46 GMT
x-content-type-options: nosniff
age: 463894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:18:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 34 KB
34 KB 305ms
203ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:42:13 GMT
x-content-type-options: nosniff
age: 426487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35120
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:42:13 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 16 KB
16 KB 297ms
196ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:19:08 GMT
x-content-type-options: nosniff
age: 463872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16424
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:19:08 GMT

GET
H2 200 1Ptgg87LROyAm3K8-C8QSw.woff2
fonts.gstatic.com/s/anton/v25/ 9 KB
9 KB 251ms
158ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3K8-C8QSw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59cd6f2f048a6c5208fae1c15dc530b006c2e0d34f86a735d1798500b34249ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:17:32 GMT
x-content-type-options: nosniff
age: 341568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8752
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:17:32 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v31/ 25 KB
25 KB 308ms
215ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

472aa6bfc4a46a6e125ab18fef5cd85a8a065d3fb0c70a9f06e28a8ea4a659f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:23 GMT
x-content-type-options: nosniff
age: 342177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25500
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:53:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:23 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2
fonts.gstatic.com/s/quicksand/v31/ 8 KB
9 KB 284ms
191ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b591e5def66c8849f31e1f241e0b3e23beae7efc4234983ae22960d30197b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:44:56 GMT
x-content-type-options: nosniff
age: 163524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8636
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:53:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:44:56 GMT

GET
H2 200 1Ptgg87LROyAm3K9-C8QSw.woff2
fonts.gstatic.com/s/anton/v25/ 30 KB
30 KB 194ms
104ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3K9-C8QSw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bdafd944408a41c747677fe400829de545a27c26c77d44a3ff73643057c6fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmslide.hoangthay.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:51 GMT
x-content-type-options: nosniff
age: 588389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30632
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:43:51 GMT

GET
H2 200 ladi-ngnag-2-bmslide-20221220085752-rjrqp.png
w.ladicdn.com/s2250x1100/5ffc11e29f4da2001177050f/ 433 KB
429 KB 1295ms
1294ms Image
image/png 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s2250x1100/5ffc11e29f4da2001177050f/ladi-ngnag-2-bmslide-20221220085752-rjrqp.png
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dda6c85f55bc6840129cf30441ee5714de942b01fb6e8fbd1eeeb04b640ee69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: ScOcpJEjR58aCwyJbSUQD2IRZb6gi3X_bouOUCFkYN1NYyKemTCTeA==
expires: Tue, 10 Dec 2024 18:10:21 GMT

GET
H2 200 avt-20220906033739.png
w.ladicdn.com/s500x500/5ffc11e29f4da2001177050f/ 23 KB
24 KB 1016ms
1016ms Image
image/png 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x500/5ffc11e29f4da2001177050f/avt-20220906033739.png
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ff747e9329039708b09aff7bd5bf1ecf6d4513c3d85669388e564027cb7f08f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: w55VG9XPSuFljY6cz4j84Kjjml1FLY8lZW464gzo5EJe0S7jLgABiQ==
expires: Tue, 10 Dec 2024 18:10:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
978 B 67ms
65ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Quicksand:bold,regular|Anton:bold,regular|Paytone%20One:bold,regular&display=swap

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3eb6cb1ffcc029a415745fa6db84612ac969f5e9bcf763901d3a30d4c3714ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 18:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:10:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 18:10:20 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
6 KB 54ms
52ms Stylesheet
text/css 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1675332219273
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 06:11:36 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 4449524
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: nopHsvdC9R8wZ887_CENx6DbBG8NKNjKUzTXFH3-y2rup9pxLEAGAQ==
expires: Sun, 20 Oct 2024 06:11:36 GMT

GET
H2 200 sdk.js Show response
w.ladicdn.com/popupx/ 478 B
779 B 777ms
776ms Script
text/javascript 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/popupx/sdk.js
Requested by: Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f18da11f560c1fc3d8eea00b2c52838535ee2b894b9bf2db50bba817653e806b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: No-Cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: lyeRHafSvikvvp-S6jeVWYQY6hurShlmnqtSTtU8kBDUdmvesRFrGw==

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
107 KB 59ms
59ms Script
application/javascript 23.47.144.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFE7A3BC77U6J4U00590&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.144.11 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-144-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 234ac12f
date: Mon, 11 Dec 2023 18:10:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109165208FAB23FA048153B1CA391
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-54-64-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d9dc3e19366dc38e768b84099f2230d5b69b70a1c72037f78b87d3cfb7158e5f199e961b7a3aadb7577b8fa05f3b5c335e41e099b713f1789ac068c8b071f92186a6d0d6e0557f002c1caa5e0f8cacbc9952b17a34a793cd7c2866757a6a3144
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 108500

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 912ms
293ms Preflight
application/json 3.1.38.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://bmslide.hoangthay.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 11 Dec 2023 18:10:21 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 300ms
298ms XHR
text/plain 3.1.38.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1675332219273

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: f927781b-4a89-4bed-7bad-db386b892885
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
accept-language: en-US,en;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
Referer: https://bmslide.hoangthay.vn/
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 6DBA 20 KB
6 KB 227ms
57ms Stylesheet
text/css 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: fL3l30Zl9iJyVqI8RExGw1m3I9+kY7Es0UY4/tsCX+9hAuxWmn2sbL5Jkib4kLdn5G6WDRPy5mpbeJy7YbkJgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:06:05 GMT

GET
H2 200 JS2LsxE-gw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6DBA 354 KB
92 KB 347ms
177ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Veg+9swSo/ybchlTfP+avA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93749
reporting-endpoints
x-fb-debug: UbxWU+xtgiRLZqfPBCkDJMxPfT/HutqzoYOl38iNkK3hCgcYCc6leSFqli8VsbnT90NT8mT0xDQnqorJgzprAA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:13:48 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 6DBA 7 KB
2 KB 300ms
130ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: neGsvgUbl/O3YsnevZ2dX84E67GbYUv0i0O+EYvchhT+s66izbff4oFSbrqNemDVY4u0DZ1eMd2PjSOfo+VYLQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:29:35 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6DBA 94 KB
27 KB 299ms
130ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: HTGuXAcrYDLtd+vL4JM8/6gVQWIEswZgpbPwdqQ7kyYBu2NGtD8WmwJOKpnJ/FJUvMelWihk4HqEabJBQe7Xcg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:15:27 GMT

GET
H2 200 Oqf9IHnbxLu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 6DBA 52 KB
17 KB 227ms
58ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Oqf9IHnbxLu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2549ef26d7da0d8cc8844658a98b88520f80890bc8fba678e1c8860612c43ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9MINgIqN0461ojiNiqiKIw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16842
reporting-endpoints
x-fb-debug: /g8pOY8fV2sPVUoogh71EFpOW4NwU9g3GIKiRYZxO4S1FMCfBv+CLF0kRR6wJp2xvNKrphibEsdvqTPV3kW3sQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 16:56:55 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6DBA 507 B
491 B 347ms
178ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: x8qDOpx2+xKtYzbU7icP0XTQJ2o8Ovv+Fe2yXW+Jz6ABJbEw++3+0ioIFRfEYPJ3pRPWYLa/R4KAltUyZi/JAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:46:04 GMT

GET
H2 200 kUrCp987F5r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yz/l/en_GB/ Frame 6DBA 28 KB
8 KB 412ms
243ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yz/l/en_GB/kUrCp987F5r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4272bf01ce73c339c5d8b3328c6d2d214769616f847590bc951bcc63dd4c36e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: k87YXLejNL9iVMcII2jQjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7915
reporting-endpoints
x-fb-debug: ZbuDYltjcTwctY0EyNNux0oLePsrN3SCP/38d3ojlM4dtVQd+GHx1def8D6Yyof0RlguFF5fa0yfMt1nw89LHg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:06:33 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/ Frame 6DBA 70 KB
20 KB 347ms
178ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7621b0542bc81fa723649fd431b02b211f79b0aa1f9e816c76223442542dbdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Tdu5Aol5VMnqpLJTfi7R5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20048
reporting-endpoints
x-fb-debug: 1CHMcTet9LmgyPp8zJbYUo5YyOVYUim/F1bVjujvOGkS1vIsa2TOkR2du+m5pbSmguUe4erqgmXrNHC7nfRYLw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:24:30 GMT

GET
H2 200 326751221_867628524480658_8712119566239454231_n.png
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/ Frame 6DBA 45 KB
46 KB 401ms
237ms Image
image/png 2a03:2880:f082:108:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/326751221_867628524480658_8712119566239454231_n.png?stp=dst-png_p130x130&_nc_cat=107&ccb=1-7&_nc_sid=081abc&_nc_ohc=BdJsNHJQcH8AX-0CcgO&_nc_ht=scontent-ord5-2.xx&edm=ADwHzz8EAAAA&oh=00_AfB5vmvhRB9PxK5RbJSHnBgpV5TAYWk6ClLugavYNZR2EQ&oe=657D1DBF
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 720c53f6146cffe7dcd4a08bdb41a8014ed82f853bd7ac4e27b3521976f7f579

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 03 Feb 2023 13:46:01 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3283468313
thrift_fmhk: GBD+F/pNATAphkaVmXfGW11SFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: pjIcDacHML4ImXTR3Hx5XWuiUrQwOJbQ5ab8Q10yVua_OISN2sX4JaMzA7iWfdB-S-JzAEeLVNxOPmLKhm8J061LNnJDzWqCQDiC2vkl_6w
cross-origin-resource-policy: cross-origin
x-needle-checksum: 497127500
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 46574

GET
H2 200 301284451_100562389459642_5716188088652907200_n.png
scontent-ord5-1.xx.fbcdn.net/v/t39.30808-1/ Frame 6DBA 3 KB
4 KB 180ms
71ms Image
image/png 2a03:2880:f082:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-1.xx.fbcdn.net/v/t39.30808-1/301284451_100562389459642_5716188088652907200_n.png?stp=c1.0.50.50a_cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=4da83f&_nc_ohc=6aZhh1WewaQAX-nxkCI&_nc_ht=scontent-ord5-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCxF68dbC1TxGM-BiNYnyS-u425ok3gXkQkzE4QG4_8iA&oe=657C9782
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6b38892ae3d06ba15bce5bcfe865844038af207d28c5662aa736417a144f3ead

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:10:21 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 25 Aug 2022 02:49:47 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=99475753
thrift_fmhk: GBAJ0qbcfnldPYM1j8FcDmf8Fa6g3sMEAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 6zxJhdEwAvTw7mbHBuzkmneDGkpKsSSSZVME-uHbnH7hNW6A_zyoXvuUbOmRSYoPVNLx4b5MAPCa4vNZHvFkJcnFaePU07oqk_CPKBI37-g
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3824497128
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3570

GET
H2 200 2074434969443523 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 231ms
230ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2074434969443523?v=2.9.138&r=stable&domain=bmslide.hoangthay.vn

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f0e0a39e8d709799f3508786ca326e7303dd63dc8c721668039e6c097f38274

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: rjbhwE8DyDkSpA8go3fEoiVfKd2D/WUQR7ou/bkFng+6qztmfpU5wPowifWtg6WPeggFxtW2zmiR6KBQl/IWsg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 80ms
80ms Script
application/javascript 23.47.144.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.144.11 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-144-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 234ac732
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109121659F636B26E85516E0ED917
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-54-64-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a2473d1ae220828610b7bfdf1aca38a0b8886478ee00944ed244a163b6f5a3939de41887e644a9bd4975baf4a34e0619c6654c50317cdd0b6bd51217ba5e18461d6c1401ed7d765710f87f21965bb5f24706a4846e8aa94feae6f8c6a2aa7691
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 36061

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
846 B 123ms
122ms Ping
text/plain 23.47.144.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.144.11 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-144-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bmslide.hoangthay.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4dd918fc.234ac820
date: Mon, 11 Dec 2023 18:10:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211181021FEBBF0FFF6B9E62B5D17-76970C638BCE6454-00
x-cache: TCP_MISS from a23-54-64-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 53,23.54.64.75
server-timing: cdn-cache; desc=MISS, edge; dur=13, origin; dur=45, inner; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231211181021FEBBF0FFF6B9E62B5D17
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.218.220.137
x-tt-trace-host: 018ade9c088af9ff703dde8fbc65863764c251c7aedb7047715339e1b557e0565b5cc3eb036b6b557bd7db75e0513e5d50e61153a0c9d5048b2b232b9746644f2729fb668169e13c68452280fe9530d1f80e0fdd6d3c3c149abfe6f1856f319cd2bb8a4bb63b922f26a5b804bc3e24ca41
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 18:10:21 GMT

GET
H3 200 1302573466813376 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 277ms
276ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1302573466813376?v=2.9.138&r=stable&domain=bmslide.hoangthay.vn

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08f452171857c91f32f2d350a239efe24f4824651fd6ad4eee4fa75e86d3295f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ytEO/Woe3bU0o+0E8dUHndh4ahHu8+Xchs01KyJjszSbt8RkyBC7bhj60O+Tbc35nzWZoqARcGfC0j1OSd9KhA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
129 B 58ms
56ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2074434969443523&ev=PageView&dl=https%3A%2F%2Fbmslide.hoangthay.vn%2F&rl=&if=false&ts=1702318221325&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702318221323.1924455630&ler=empty&it=1702318221057&coo=false&rqm=GET

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 57ms
57ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2074434969443523&ev=ViewContent&dl=https%3A%2F%2Fbmslide.hoangthay.vn%2F&rl=&if=false&ts=1702318221328&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702318221323.1924455630&ler=empty&it=1702318221057&coo=false&rqm=GET

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
844 B 139ms
139ms Ping
text/plain 23.47.144.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.144.11 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-144-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bmslide.hoangthay.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7512472a.234acbb9
date: Mon, 11 Dec 2023 18:10:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312111810218D2FE74BFBF847CC7FFC-5289D02F764A4228-00
x-cache: TCP_MISS from a23-54-64-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 70,23.54.64.75
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=45, inner; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312111810218D2FE74BFBF847CC7FFC
x-cache-remote: TCP_MISS from a23-48-200-147.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.48.200.147
x-tt-trace-host: 018ade9c088af9ff703dde8fbc65863764020812ccb64519b573acaa54ed5738069cc8c3c735f470c9582c8147b7f4754abc222653bb192a8b6c5470fd55a22c7bd4713713a7c376dec525fc423e8ab8a9a9f16b6c11c602dfbf744116774ce016551e775eaf324c6fd49fe1c5207ea862
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 18:10:21 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6DBA 573 B
707 B 55ms
54ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: rBqtf2cTQPHEeWZrbFgN12hu/amIthUldUajypaP5mNK4PWd67RahO4a94OUtWjfgkFXa3F9rM9dNsYXtiMo9Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Nov 2024 10:11:04 GMT

GET
H2 200 8ymKMCefWgD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 6DBA 209 KB
60 KB 57ms
54ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/8ymKMCefWgD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 30iKdJ7w93p6Ga9jpgjUMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60955
reporting-endpoints
x-fb-debug: neunsgqoAmRC9YmQZayGYIUXFsopGRGTS2DFeO7P6PWlfvat84b9jFBAs49+D2sgiZeqegA1NoLEPBqsumD/SQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:30:40 GMT

GET
H2 200 popupx.min.js Show response
w.ladicdn.com/popupx/ 39 KB
11 KB 55ms
54ms Script
text/javascript 2600:9000:210b:aa00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/popupx/popupx.min.js?v=1702318221512
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/popupx/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:aa00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 34a13a3df111b6ce5cf9c09fd7216e19599e55876a8212c06308e73194c9db3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:12:34 GMT
content-encoding: gzip
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 28667
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: XWS9u_0l62aDaMDL4k5uh-oK-rzSkstd8LLGEYuwoGJ_0PUZ1_Oy1w==
expires: Tue, 10 Dec 2024 10:12:34 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 6DBA 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 6DBA 934 B
651 B 135ms
134ms XHR
application/x-javascript 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b679e5252bd959ac0a70d85357b95ef67c6eaa7258e9d02697c05d13d1008b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 4mbzVmLqLJ1CdnPMnQjPCz
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 18:10:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 7esr4K4QFDpXSbn7wNBSUGSxK8DiyJnjeUwJ1+5z61QshW/PHLnaLn0Y5nC8/YjuPVptVGYntgnmanAuU69w2w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 6DBA 1 KB
1 KB 57ms
56ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: CT0m5PjBBUzPaon7exvG4UZrAzawn8DPIylqH2jxeNrsM4605u1oLfGa91eL7jse/6D2ZExpmEN1EMzWQUFTGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Nov 2024 19:40:02 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
58ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1302573466813376&ev=PageView&dl=https%3A%2F%2Fbmslide.hoangthay.vn%2F&rl=&if=false&ts=1702318221665&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702318221323.1924455630&ler=empty&it=1702318221057&coo=false&rqm=GET

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
58ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2074434969443523&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fbmslide.hoangthay.vn%2F&rl=&if=false&ts=1702318221667&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1702318221323.1924455630&ler=empty&it=1702318221057&coo=false&rqm=GET

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
59ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1302573466813376&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fbmslide.hoangthay.vn%2F&rl=&if=false&ts=1702318221667&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702318221323.1924455630&ler=empty&it=1702318221057&coo=false&rqm=GET

Requested by

Host: bmslide.hoangthay.vn
URL: https://bmslide.hoangthay.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bmslide.hoangthay.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 18:10:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 294ms
294ms Preflight
application/json 3.1.38.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_client_id
Access-Control-Request-Method: POST
Origin: https://bmslide.hoangthay.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 11 Dec 2023 18:10:21 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 event Show response
a.ladipage.com/ 1 KB
2 KB 381ms
381ms XHR
text/plain 3.1.38.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/popupx/popupx.min.js?v=1702318221512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

3c9dc57a7904d6f2a4e2015d4536b51e7ce4a324824298ce96720b04803d1bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: f927781b-4a89-4bed-7bad-db386b892885
Referer: https://bmslide.hoangthay.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 18:10:22 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 6DBA 213 B
355 B 57ms
55ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 11 Dec 2023 18:10:21 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: fEWkGhdbKOxrfBN/4XZWbqz9+7eG/UmJFqXUuUqMqUhNrtod+W0OwjrR97NYKq/2d4XrxyKSaLMCYMO31a8ygw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Nov 2024 20:10:03 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 6DBA 0
0 173ms
173ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FBMSLIDE%26tabs%3Dtimeline%26width%3D300%26height%3D300%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FBMSLIDE&tabs=timeline&width=300&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Dec 2023 18:10:21 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: aXeqej30hTDpxkyI44A7S0FGhOKjLtNv0geInDsITKNwYHgNt2AyUtOifHrj/Y1KsShw4g5/iELJEK6LtaVXZA==
x-frame-options: DENY
x-xss-protection: 0

POST bz
www.facebook.com/ajax/ Frame 6DBA 0
0

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
866 B 250ms
204ms XHR
application/json 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318222916&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92fca7f9deb9b59d2bbc4cd599b52584697f8fdec0f9da67173fe4021f324fda

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bmslide.hoangthay.vn/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 11 Dec 2023 18:10:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: w3bbJqWNLzS1CiFpUewye9R75hOOzZ51wBAegVRE2XV/DyFlcC0xmIh+6qFusVr9EVRdfW2ybWNgKDwiiQhqKA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://bmslide.hoangthay.vn
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

GET /
www.facebook.com/plugins/customer_chat/facade/ 0
0

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FBMSLIDE%22%2C%22width%22%3A300%2C%22height%22%3A300%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fbmslide.hoangthay.vn%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19702.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=GOOD&__rev=1010332215&__s=%3A%3Aiuz8w4&__hsi=7311401082431547378&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=GOOD&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__hs=19702.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7311401082431547378&__req=3&__rev=1010332215&__s=%3A%3Aiuz8w4&__sp=1&__user=0&dpr=1&jazoest=21964&lsd=4mbzVmLqLJ1CdnPMnQjPCz

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318222916&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=258&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318223174&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bmslide.hoangthay.vn/	1970-01-21 02:27:58	Name: LADI_DNS_CHECK Value: "2023-12-11 18:10:19.902020307 +0000 UTC m=+2893200.917511444"
bmslide.hoangthay.vn/	1970-01-21 01:37:34	Name: LADI_CLIENT_ID Value: f927781b-4a89-4bed-7bad-db386b892885
bmslide.hoangthay.vn/	1970-01-21 02:27:58	Name: LADI_FORM_SUBMIT Value: 0
bmslide.hoangthay.vn/	1970-01-21 02:27:58	Name: LADI_PAGE_VIEW Value: 1
.tiktok.com/	1970-01-21 02:13:34	Name: _ttp Value: 2ZPKLkS2gNoXo9cct28s6nwY0QO
bmslide.hoangthay.vn/	1970-01-20 16:53:24	Name: _timenow Value: 1702318220803
.hoangthay.vn/	1970-01-21 02:13:34	Name: _tt_enable_cookie Value: 1
.hoangthay.vn/	1970-01-21 02:13:34	Name: _ttp Value: 6sp6j08SzHrOPuHmH0UUgyqDIHp
.hoangthay.vn/	1970-01-20 19:01:34	Name: _fbp Value: fb.1.1702318221323.1924455630
bmslide.hoangthay.vn/	1970-01-21 01:37:34	Name: LADIX_PAGE_VIEW Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bmslide.hoangthay.vn/(Line 75) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	error	URL: https://bmslide.hoangthay.vn/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318222916&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bmslide.hoangthay.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318222916&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bmslide.hoangthay.vn/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bmslide.hoangthay.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bmslide.hoangthay.vn/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bmslide.hoangthay.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df276712e85c0c9c%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c434dd60-3103-4757-82ad-5a67c72efba2&request_time=1702318222921&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bmslide.hoangthay.vn/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=258&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318223174&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bmslide.hoangthay.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba89ee1953dec%26domain%3Dbmslide.hoangthay.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbmslide.hoangthay.vn%252Ff1321c3794b50e%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbmslide.hoangthay.vn%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=258&locale=vi_VN&log_id=edced839-1923-4de0-9e25-0512296b88ac&page_id=100561282793086&request_time=1702318223174&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
analytics.tiktok.com
bmslide.hoangthay.vn
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
scontent-ord5-1.xx.fbcdn.net
scontent-ord5-2.xx.fbcdn.net
static.xx.fbcdn.net
w.ladicdn.com
www.facebook.com
www.facebook.com
23.47.144.11
2600:9000:210b:aa00:11:52e1:b680:93a1
2607:f8b0:4006:806::2003
2607:f8b0:4006:823::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f082:9:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.1.38.220
52.220.48.161
08f452171857c91f32f2d350a239efe24f4824651fd6ad4eee4fa75e86d3295f
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
2549ef26d7da0d8cc8844658a98b88520f80890bc8fba678e1c8860612c43ef7
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
34a13a3df111b6ce5cf9c09fd7216e19599e55876a8212c06308e73194c9db3c
3c9dc57a7904d6f2a4e2015d4536b51e7ce4a324824298ce96720b04803d1bbf
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4272bf01ce73c339c5d8b3328c6d2d214769616f847590bc951bcc63dd4c36e2
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
472aa6bfc4a46a6e125ab18fef5cd85a8a065d3fb0c70a9f06e28a8ea4a659f5
4bdafd944408a41c747677fe400829de545a27c26c77d44a3ff73643057c6fea
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
59cd6f2f048a6c5208fae1c15dc530b006c2e0d34f86a735d1798500b34249ce
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
60ccaf2657d4e07b907ee6897ee642736d91d74b08df25e4ba5085d9bfee1059
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
6b38892ae3d06ba15bce5bcfe865844038af207d28c5662aa736417a144f3ead
720c53f6146cffe7dcd4a08bdb41a8014ed82f853bd7ac4e27b3521976f7f579
73a8c4482fd3d17c296499dcb8acbc84af592d96eea3805516d81e5a0055d355
7621b0542bc81fa723649fd431b02b211f79b0aa1f9e816c76223442542dbdcb
7b591e5def66c8849f31e1f241e0b3e23beae7efc4234983ae22960d30197b55
8f0e0a39e8d709799f3508786ca326e7303dd63dc8c721668039e6c097f38274
92fca7f9deb9b59d2bbc4cd599b52584697f8fdec0f9da67173fe4021f324fda
930c2c53bd84d481d8ed2d54855411f7dc0cf8d5ea6cc6265b65bf2a2170a17f
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9dda6c85f55bc6840129cf30441ee5714de942b01fb6e8fbd1eeeb04b640ee69
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff747e9329039708b09aff7bd5bf1ecf6d4513c3d85669388e564027cb7f08f
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
b679e5252bd959ac0a70d85357b95ef67c6eaa7258e9d02697c05d13d1008b4e
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
c3eb6cb1ffcc029a415745fa6db84612ac969f5e9bcf763901d3a30d4c3714ef
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea
dbf7235b5851482c5e2affdc6449d30b8b5fe98d21cddcd91f886bd8fb4e378c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dc467087cf29199ce8077c0b01e8826339ae642c1942ff16e1f25e13cd24a9
e7d37f3220de96b4afdd6d2c8b9e2984a4b7c888e5b8a0a822afca211677dcea
f18da11f560c1fc3d8eea00b2c52838535ee2b894b9bf2db50bba817653e806b
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

bmslide.hoangthay.vn Open in urlscan Pro 52.220.48.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

89 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

1816 kBTransfer

4354 kBSize

10 Cookies

2 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bmslide.hoangthay.vn Open in urlscan Pro
52.220.48.161 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

89 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1816 kB
Transfer

4354 kB
Size

10
Cookies

61 HTTP transactions
1 data transactions