account-staging.bongthom.com Open in urlscan Pro
167.99.77.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account-staging.bongthom.com/
Effective URL:
https://account-staging.bongthom.com/auth/login
Submission: On August 29 via automatic, source certstream-suspicious (August 29th 2021, 2:31:41 pm UTC)

Summary HTTP 20 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 167.99.77.43, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is account-staging.bongthom.com.
TLS certificate: Issued by R3 on August 29th 2021. Valid for: 3 months.

This is the only time account-staging.bongthom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	167.99.77.43 167.99.77.43	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.13.26 151.101.13.26	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
20	9

7 167.99.77.43 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: account-staging.bongsrey.com

account-staging.bongthom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.26 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bongthom.com 1 redirects account-staging.bongthom.com	745 KB
6	cloudflare.com cdnjs.cloudflare.com	73 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	33 KB
2	polyfill.io cdn.polyfill.io	803 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
20	6

	Domain	Requested by
7	account-staging.bongthom.com	1 redirects account-staging.bongthom.com
6	cdnjs.cloudflare.com	account-staging.bongthom.com
2	cdn.polyfill.io	account-staging.bongthom.com
2	www.gstatic.com	account-staging.bongthom.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	account-staging.bongthom.com
1	ajax.googleapis.com	account-staging.bongthom.com
1	fonts.googleapis.com	account-staging.bongthom.com
20	8

This site contains links to these domains. Also see Links.

Domain
bongthom.com

Subject Issuer	Validity	Valid
account-staging.bongthom.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://account-staging.bongthom.com/auth/login
Frame ID: 2A4A11E01D4F161673B57A554B0E39FE
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

One account for all BongThom Services - BongThom Account

Page URL History Show full URLs

https://account-staging.bongthom.com/ HTTP 307
https://account-staging.bongthom.com/auth/login Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/cdn\.polyfill\.io\//i
script /\/polyfill\.min\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

78 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

883 kB
Transfer

2916 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bongthom.com/about_us.html
Title: * About

Search URL Search Domain Scan URL

URL: https://bongthom.com/term_condition.html
Title: * Term & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account-staging.bongthom.com/ HTTP 307
https://account-staging.bongthom.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
account-staging.bongthom.com/auth/
Redirect Chain

https://account-staging.bongthom.com/
https://account-staging.bongthom.com/auth/login

10 KB
4 KB

214ms
214ms

Document
text/html

167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.bongthom.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7bf70cc56c148d6ac26447cb1fcf80ac4a8ea654fab654f2cf846fe1b2d50ff9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: account-staging.bongthom.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 29 Aug 2021 14:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 29 Aug 2021 14:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Set-Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv; expires=Sun, 29-Aug-2021 14:51:21 GMT; Max-Age=1200; path=/; domain=.bongthom.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://account-staging.bongthom.com/auth/login
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 2 KB
609 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo+2

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27c4ccb1e0b7343884d41ddf1d85b6d0c5acb79066736044361e431e42079c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 12:55:45 GMT
server: ESF
date: Sun, 29 Aug 2021 14:31:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 14:31:21 GMT

GET
H/1.1 200
OK styles.bundle.css
account-staging.bongthom.com/css/ 419 KB
76 KB 400ms
400ms Stylesheet
text/css 167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b37d67b570ca4b0e096c1b4f63ed1536cf9e454c358d8969356f008eeb5da685

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account-staging.bongthom.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://account-staging.bongthom.com/auth/login
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv
Connection: keep-alive
Referer: https://account-staging.bongthom.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 14:31:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 26 Aug 2021 06:54:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"61273a8f-68d46"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3-29 200 gb.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/flags/4x3/ 834 B
1 KB 21ms
21ms Image
image/svg+xml 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/flags/4x3/gb.svg

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce93c8a6b974d63998e263f6d25f898fc20580a28464457f2f4463b687e4fe8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8196983
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 396
cf-request-id: 0a4b5782ff0000d6b94f9fc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxMuzUuVA%2F32xAXzeJZb96BXBSnpek%2BjJsu7SwS3Bm1TyNoqM6z5K6sIJCp3kaTT1nH4j5CTjLXA%2F3xgeEIuya3lvwYR7RfnJ4iASJ3w%2FjYAa4E%2BcHHMfDjRrn2uUBQXWSOFI65eGNxmB8ZKXapVjqmL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b8bed2f5c85-FRA
expires: Fri, 19 Aug 2022 14:31:22 GMT

GET
H3-29 200 kh.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/flags/4x3/ 7 KB
3 KB 12ms
12ms Image
image/svg+xml 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/flags/4x3/kh.svg

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7409fab4ba4e676db7b5c61020b97893b1735fe0b8e39e9b4f96108400be704e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 472240
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2411
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-1c7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F56dj9DPA5svK5uOJSGS6kMma1r9iC6fq1qUGP8Q8k9PL6ryYNiV1q0%2Fq5%2FJOA5ytmBZW7%2BOamQ%2FIgfDbbi2fasb35FhIqPdsNDRaoFifs4vM15r20f8CAdTb51h%2BKbdN6XMELzVj%2BWwsk8JXp%2BWhY2H"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b8bfd545c85-FRA
expires: Fri, 19 Aug 2022 14:31:22 GMT

GET
H/1.1 200
OK logo.png
account-staging.bongthom.com/images/ 6 KB
6 KB 578ms
194ms Image
image/png 167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-staging.bongthom.com/images/logo.png

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a587b070e8274eb45008e263533eacdffb7c7f73c0b16f2f23f68178b7bcb538

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account-staging.bongthom.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://account-staging.bongthom.com/auth/login
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv
Connection: keep-alive
Referer: https://account-staging.bongthom.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 14:31:22 GMT
Last-Modified: Thu, 26 Aug 2021 06:47:33 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61273905-18ab"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6315

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.3/ 21 KB
7 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.3/firebase-app.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdecc5a4ad9e9d6477d4c62bf3b5a9dcfd87c948fa6d4598bd983e22d5f8270a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6764
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:41:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 09:17:42 GMT

GET
H3-29 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.3/ 40 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.3/firebase-messaging.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ca7ab6629e76d087afd218b3cfaab0c384afb91dd0aeb38c63aaf3b2fde32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10908
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:41:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 16:11:01 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
605 B 136ms
59ms Script
text/javascript 151.101.13.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.26 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4111775
detected-user-agent: Chrome/92.0.4515
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Mon, 12 Jul 2021 14:17:10 GMT
date: Sun, 29 Aug 2021 14:31:21 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 es5-shim.js Show response
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.4.1/ 66 KB
14 KB 24ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.4.1/es5-shim.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85faa8b46811a5f1a56acb4819d4c379db84a22892f77cf2297c7ebf50f6e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 242162
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14228
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-107be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK32zvdwjNjfZShK%2BvbAqT9MZk4zwx%2Ba37a5S4UE%2BI45fexqpuBI7WD8iWrhWsG5ZKtgob5rb71K4YEmyjOulgO7uNpzJ0HYWNHCQM5UoTYPYBnHSXM5JJtthIhPPM5OB5Y0on81s2%2B%2FfB23nGY8DmW2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b89dbc90610-FRA
expires: Fri, 19 Aug 2022 14:31:21 GMT

GET
H3-29 200 es6-shim.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.34.1/ 130 KB
26 KB 46ms
36ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.34.1/es6-shim.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed7973c97bd83db3787389279dc6f3a502dfa7b22808d9f2798958e466e6531d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 330873
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26023
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-20823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BIWHU1JnCpsWmgl3ha1wljGv6LWLm50Bu6yD4NPUOEu7pyrUfEc59g%2FYYU%2FNyabWntaBAEhlJ2ZAVOTLrA4IVO%2B6G2acePKzPq6KjWnwl5Yo%2BuPVfaw%2FUR0s%2FoKxVFcxbum0DAO7jMXrSIhU2HQy1Cd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b8a18865c85-FRA
expires: Fri, 19 Aug 2022 14:31:21 GMT

GET
H3-29 200 browser-polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/ 83 KB
21 KB 16ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/browser-polyfill.min.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1383792
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21126
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-14cd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrP%2Fekh2b7tzpX%2FcEXVrJu6Bgawmsn9vEaePOArhwkysHoTzb3Qk6N02kc8vjwPhyaCUq6Yw6fgk4VzrWTdLlgvN3Pa3HJLDL%2BDOPM9QzrLRk7eVlDEIzvqTDcxMMG0BzOEWk7JC6bAvL3jpds%2FckjJ2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b8a59645c85-FRA
expires: Fri, 19 Aug 2022 14:31:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 14:14:02 GMT

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 2 KB
1 KB 20ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 624622
x-jsd-version: 1.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 933
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
x-served-by: cache-fra19123-FRA
x-jsd-version-type: version
date: Sun, 29 Aug 2021 14:31:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 intro.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intro.js/2.9.3/ 28 KB
7 KB 21ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intro.js/2.9.3/intro.min.js

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6977010
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6364
cf-request-id: 0a940ed19b00004e97351ea000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-70fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ%2BhXQruKHlq6Fw3HGhkhcsi3GEPczMRfqKDBLUNfltgNiJr4RO5UoKh2H%2BssWdu5G5oYvm67l3oHttLnCAYbcGVMiYU1E0CUeW7TVXgDQf4gGxNGyKLA%2Fwr78McpnAKm%2F%2FCKcYFH1X0jqgxiMmSPKIM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68667b8aaa5b5c85-FRA
expires: Fri, 19 Aug 2022 14:31:22 GMT

GET
H/1.1 200
OK global.bundle.js Show response
account-staging.bongthom.com/js/ 2 MB
449 KB 367ms
194ms Script
application/javascript 167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.bongthom.com/js/global.bundle.js?version=2.0.0

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

25bb659bad2807be4bc179cae3cbfc7924e11c7b99ef681ae5f7640c0d3c0397

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account-staging.bongthom.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://account-staging.bongthom.com/auth/login
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv
Connection: keep-alive
Referer: https://account-staging.bongthom.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 14:31:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 26 Aug 2021 06:54:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"61273a8f-1c004d"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2
fonts.gstatic.com/s/exo2/v10/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v10/7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo+2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe77d8a305df54092664de8523da48d2997ae074264ccfdf028862bbbba87dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account-staging.bongthom.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:02:23 GMT
x-content-type-options: nosniff
age: 419339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15004
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:21:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:02:23 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
account-staging.bongthom.com/fonts/ 75 KB
75 KB 530ms
337ms Font
application/octet-stream 167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.bongthom.com/fonts/fa-brands-400.woff2

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c8f7932217a70a360d6b40a128f6822553c178fef1d9c27419f5f5f252163fdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://account-staging.bongthom.com
Accept-Encoding: gzip, deflate, br
Host: account-staging.bongthom.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv
Connection: keep-alive
Origin: https://account-staging.bongthom.com
Referer: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 14:31:22 GMT
Last-Modified: Thu, 26 Aug 2021 06:54:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61273a8f-12ad4"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76500

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 222 B
198 B 37ms
37ms Other
text/javascript 151.101.13.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/auth/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.26 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account-staging.bongthom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4111776
detected-user-agent: Chrome/92.0.4515
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Mon, 12 Jul 2021 14:17:10 GMT
date: Sun, 29 Aug 2021 14:31:22 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK fa-solid-900.woff2
account-staging.bongthom.com/fonts/ 135 KB
135 KB 357ms
357ms Font
application/octet-stream 167.99.77.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.bongthom.com/fonts/fa-solid-900.woff2

Requested by

Host: account-staging.bongthom.com
URL: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.99.77.43 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

account-staging.bongsrey.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://account-staging.bongthom.com
Accept-Encoding: gzip, deflate, br
Host: account-staging.bongthom.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0
Cookie: ci_session=nes4dact03h7pavl2cj0sj97gu5h8qgv; __session:0.16248348448810557:=https:
Connection: keep-alive
Origin: https://account-staging.bongthom.com
Referer: https://account-staging.bongthom.com/css/styles.bundle.css?version=2.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 14:31:22 GMT
Last-Modified: Thu, 26 Aug 2021 06:54:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61273a8f-21b08"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137992

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account-staging.bongthom.com/	1970-01-19 20:50:47	Name: __session:0.16248348448810557: Value: https:
			.bongthom.com/	1970-01-19 20:50:48	Name: ci_session Value: nes4dact03h7pavl2cj0sj97gu5h8qgv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-staging.bongthom.com
ajax.googleapis.com
cdn.jsdelivr.net
cdn.polyfill.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
www.gstatic.com
151.101.13.26
167.99.77.43
2606:4700::6810:125e
2606:4700::6810:135e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2003
2a04:4e42:3::485
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
25bb659bad2807be4bc179cae3cbfc7924e11c7b99ef681ae5f7640c0d3c0397
27c4ccb1e0b7343884d41ddf1d85b6d0c5acb79066736044361e431e42079c29
7409fab4ba4e676db7b5c61020b97893b1735fe0b8e39e9b4f96108400be704e
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
7bf70cc56c148d6ac26447cb1fcf80ac4a8ea654fab654f2cf846fe1b2d50ff9
7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba
97ca7ab6629e76d087afd218b3cfaab0c384afb91dd0aeb38c63aaf3b2fde32e
a587b070e8274eb45008e263533eacdffb7c7f73c0b16f2f23f68178b7bcb538
a85faa8b46811a5f1a56acb4819d4c379db84a22892f77cf2297c7ebf50f6e19
b37d67b570ca4b0e096c1b4f63ed1536cf9e454c358d8969356f008eeb5da685
bdecc5a4ad9e9d6477d4c62bf3b5a9dcfd87c948fa6d4598bd983e22d5f8270a
c8f7932217a70a360d6b40a128f6822553c178fef1d9c27419f5f5f252163fdc
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ce93c8a6b974d63998e263f6d25f898fc20580a28464457f2f4463b687e4fe8d
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4
ed7973c97bd83db3787389279dc6f3a502dfa7b22808d9f2798958e466e6531d
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db
fe77d8a305df54092664de8523da48d2997ae074264ccfdf028862bbbba87dff

account-staging.bongthom.com Open in urlscan Pro 167.99.77.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

78 %IPv6

6 Domains

8 Subdomains

9 IPs

3 Countries

883 kBTransfer

2916 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

account-staging.bongthom.com Open in urlscan Pro
167.99.77.43 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

78 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

883 kB
Transfer

2916 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions