urlscan.io logo urlscan.io
SecurityTrails logo

www.bankofvici.com Open in urlscan Pro
3.211.207.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bankofvici.com/
Submission: On May 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 3.211.207.11, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.bankofvici.com.
TLS certificate: Issued by Amazon on June 17th 2021. Valid for: a year.
This is the only time www.bankofvici.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 3.211.207.11 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 18.66.248.26 16509 (AMAZON-02)
32 3
Apex Domain
Subdomains		 Transfer
26 bankofvici.com
www.bankofvici.com
762 KB
7 fundsxpress.com
bvvok.secure.fundsxpress.com
12 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
17 KB
32 3
Domain Requested by
26 www.bankofvici.com www.bankofvici.com
7 bvvok.secure.fundsxpress.com 2 redirects www.bankofvici.com
bvvok.secure.fundsxpress.com
1 ajax.googleapis.com www.bankofvici.com
32 3

This site contains links to these domains. Also see Links.

Domain
gateway.fundxpress.com
alert.smsservicesnow.com
Subject Issuer Validity Valid
bankofvici.com
Amazon		 2021-06-17 -
2022-07-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
prod-fxweb.apiture-comm-prod.com
Amazon		 2022-03-04 -
2023-04-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.bankofvici.com/
Frame ID: 2452CFD7D1DDA5CB6F7E3817ABF1D3BA
Requests: 27 HTTP requests in this frame

Frame: https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Frame ID: 90A87F9D05665C4322A1001A577DC49B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to Bank of Vici Online!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

790 kB
Transfer

802 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://bvvok.secure.fundsxpress.com/start/BVVOK/custom_login?template=default&no_top_url=1 HTTP 307
  • https://bvvok.secure.fundsxpress.com/start/BVVOK/custom_login?template=default&no_top_url=1 HTTP 303
  • https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bankofvici.com/ 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6840e8dd2d4caa35bdd9b0bd314703e597442333203944a330b77ec63a100015
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
content-type
text/html; charset=UTF-8
date
Wed, 18 May 2022 00:39:08 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.css
www.bankofvici.com/css/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/css/styles.css
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6870966257a521de97b95fecc662b85291911d314d50b4aeb0f32bb685864a3a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:27 GMT
server
Apache
etag
"d541952148d6e5f1-2b7f-588f24ead59c0"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
11135
x-xss-protection
1; mode=block
menu-h.css
www.bankofvici.com/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/css/menu-h.css
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
afb556c441fe15289e78323ac7903e276dab630e24c27c832accd476c79d56f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:27 GMT
server
Apache
etag
"d8ab8177f0cdc943-c43-588f24ead59c0"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
3139
x-xss-protection
1; mode=block
library.js
www.bankofvici.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/js/library.js
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
992909db20d95178c194e358b8731c370bf02ab37afac4bc9c0e2be012340bfd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:29 GMT
server
Apache
etag
"cf6fd92072d6bb41-b06-588f24ecbde40"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
2822
x-xss-protection
1; mode=block
slideshow.css
www.bankofvici.com/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/css/slideshow.css
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
cce100c6659be6f7a7280258e15b8035b533205c83926fa84a3471a76d7e6df3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:27 GMT
server
Apache
etag
"32b5781acf0dd23e-8de-588f24ead59c0"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
2270
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.2.6/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
928f0f1361a114f4b965df98e1b4cc11a9766a5292a29c79f13318edc3461dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16841
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 07:41:38 GMT
jquery.cycle.js
www.bankofvici.com/js/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/js/jquery.cycle.js
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8b59bf0fb9ce1e0005a0f0a6a2d71c2075f2e6ee9d5f7711d2d77587991b4f00
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:29 GMT
server
Apache
etag
"f3481d49019faab6-6c7c-588f24ecbde40"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
27772
x-xss-protection
1; mode=block
slideshow.js
www.bankofvici.com/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/js/slideshow.js
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c031008182a319602eb6cc6ece42138c684c71910fcf6f1e7e380912de5dde0e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:29 GMT
server
Apache
etag
"2388352bf5c28c40-975-588f24ecbde40"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
2421
x-xss-protection
1; mode=block
button-go.png
www.bankofvici.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/button-go.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a8bc9bff779449df2e31ca42f1bdb78437c3919f58c7331525406970646b6e84
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"a3fa959c8e1834ee-805-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
2053
x-xss-protection
1; mode=block
spacer.gif
www.bankofvici.com/images/ 		43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/spacer.gif
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7bfc2a61114b26292b9f68b77c97352d53c1eff40dfddeb817e353d6b749c3f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:29 GMT
server
Apache
etag
"718fddabb40b12d1-2b-588f24ecbde40"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
lock-gold.png
www.bankofvici.com/images/ 		887 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/lock-gold.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
063acbec31feec3ac4c0fb35564966f9d18fd3d2b41e726e3f2fabfed6a9d55d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"b2b6127442eefff3-377-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
887
x-xss-protection
1; mode=block
pic1.jpg
www.bankofvici.com/images/ads-home/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/pic1.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6f1f7775b57ee439ba0fa17140e2c9bd9bca312d1f8b73e0319841ded737c689
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"6423a56011c8ac14-fa63-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
64099
x-xss-protection
1; mode=block
bkg-billpay.jpg
www.bankofvici.com/images/ads-home/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/bkg-billpay.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0e411fa4cdbd6dc3a65ce93bbcbcd9384229ed6a8d054a8cdcb9fa99fa0c25ec
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"6dd3720cb6e87f69-108a8-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
67752
x-xss-protection
1; mode=block
pic2.jpg
www.bankofvici.com/images/ads-home/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/pic2.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1d8f25d80fbb70eba75c67b3a56ff72b48028480e7688c4b54362d6e280423e3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"b934e4181e168665-19b81-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
105345
x-xss-protection
1; mode=block
bkg-24hour.jpg
www.bankofvici.com/images/ads-home/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/bkg-24hour.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
43fcbccb02d091903eb2870c79617fc97f30397b0cab798817a7aa64612188c5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"8a3c0eafa6692e50-1219b-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
74139
x-xss-protection
1; mode=block
pic3.jpg
www.bankofvici.com/images/ads-home/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/pic3.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
398fc66ab43c208f1ad25187f2d4abdc627f2e1b81d0aabaf9227234295d3369
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"c40423d7292994f6-161a6-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
90534
x-xss-protection
1; mode=block
button-slide-one.png
www.bankofvici.com/images/ads-home/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/button-slide-one.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
16451416a20c24a15f27da9519ef0e036235fefd0943e1704857e0608b957694
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"b3e11f8060ceb5e5-291f-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
10527
x-xss-protection
1; mode=block
button-slide-two.png
www.bankofvici.com/images/ads-home/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/button-slide-two.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
769a8af3731b30ce11dfab8211d27c76669dbf1c4678a84ce022b0763c02a59a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"21c550e77971048-37a4-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
14244
x-xss-protection
1; mode=block
button-slide-three.png
www.bankofvici.com/images/ads-home/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/button-slide-three.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5e26ea03913746d2237a7b6f720cdddc14da0b6c21739cc839e2053b79227a95
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"6d7d976453c830b0-34d1-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
13521
x-xss-protection
1; mode=block
ehl.png
www.bankofvici.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ehl.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
043a6835d7587c84cdb81b6c91789b810aa03b97667e1ed722a7b14a24499ea7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"ce66f73a0b7d540-9a5-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
2469
x-xss-protection
1; mode=block
pngfix.js
www.bankofvici.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankofvici.com/js/pngfix.js
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
25243ae3c829a4b1fdf3a650bc3853d185e09316d9785a0d2f8815a4c18b6c77
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:29 GMT
server
Apache
etag
"1841beec1a48fdf8-5ef-588f24ecbde40"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
1519
x-xss-protection
1; mode=block
custom_login
bvvok.secure.fundsxpress.com/DigitalBanking/ Frame 90A8
Redirect Chain
  • https://bvvok.secure.fundsxpress.com/start/BVVOK/custom_login?template=default&no_top_url=1
  • https://bvvok.secure.fundsxpress.com/start/BVVOK/custom_login?template=default&no_top_url=1
  • https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
4d6cbf71f4a797a608b791c5cf5b483446c033a07dafb83cbf07b5e2f6c498ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://www.bankofvici.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-store, no-cache, private, must-revalidate
Connection
keep-alive
Content-Length
1250
Content-Type
text/html; charset=ISO-8859-1
Content-encoding
gzip
Date
Wed, 18 May 2022 00:39:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Ly7ESltX414-nPHQYZC8nubiXudf_YN0gMCHw-Jksa9-WQ4IRebOLw==
X-Amz-Cf-Pop
DUS51-P1
X-Cache
Miss from cloudfront

Redirect headers

Cache-control
no-store, no-cache, private, must-revalidate
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=ISO-8859-1
Date
Wed, 18 May 2022 00:39:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE" CP="{}"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ta6zJqCYRSJCQH8HcbUXMk8qXV34khMfbmoD6AG6686Og5jalbmQ9w==
X-Amz-Cf-Pop
DUS51-P1
X-Cache
Miss from cloudfront
bkg-page-top.gif
www.bankofvici.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/bkg-page-top.gif
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f87ed3ee06cc12eb62f6fe973f6c6a32bcf35a6ea0cb2a401a3749a9803cef60
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"8ff52e018eaade2-f29-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
3881
x-xss-protection
1; mode=block
bkg-masthead.png
www.bankofvici.com/images/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/bkg-masthead.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
924c054e3543707ea335b458135d277163b40e2f94a18f810e4d9fcc9418d0c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"27452d7d6deaa433-3672b-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
223019
x-xss-protection
1; mode=block
bkg-search-field.png
www.bankofvici.com/images/ 		749 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/bkg-search-field.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8349d2a1e4a5282fd5f05fef45ed488993de2ab67ab141bb5c326083ee031b78
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"7b338b8ace9000bd-2ed-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
749
x-xss-protection
1; mode=block
bkg-content-top.png
www.bankofvici.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/bkg-content-top.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3596a06491efe6013814bd9217360984c4fd8b8cd7f76dd6c904771d68b7ccd6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"cbe168bf105dc101-42c-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
1068
x-xss-protection
1; mode=block
bkg-estatements.jpg
www.bankofvici.com/images/ads-home/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/ads-home/bkg-estatements.jpg
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7aa81809ebe695c4ba7aaaeb2664bcbd4734825fe8f3299811b5826328b94aef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"44916f315b6db08f-4b87-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
19335
x-xss-protection
1; mode=block
bkg-content-bottom.png
www.bankofvici.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofvici.com/images/bkg-content-bottom.png
Requested by
Host: www.bankofvici.com
URL: https://www.bankofvici.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.207.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-207-11.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ca33e709d850d4c8bcf6d5c73f6260c0a8118856167f42c3f73477f9b248317d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankofvici.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 May 2022 00:39:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 19:39:28 GMT
server
Apache
etag
"c5ea58782f3ddf32-681-588f24ebc9c00"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
1665
x-xss-protection
1; mode=block
BVVOK-button-login.png
bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/ Frame 90A8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/BVVOK-button-login.png
Requested by
Host: bvvok.secure.fundsxpress.com
URL: https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
9ffec22b47217f6440224db426ea6f52839064f30568ed53d6282b8f11d6a474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 00:39:10 GMT
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:15:30 GMT
X-Amz-Cf-Pop
DUS51-P1
ETag
"88b-58051575d6c80"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2187
X-Amz-Cf-Id
EGFc8ceWAvFQvV9v-cLYlaM1NFSopm0wBszfqdR1nx0usu_djPSG7g==
Expires
Wed, 18 May 2022 00:54:10 GMT
BVVOK-bkg-input.png
bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/ Frame 90A8 		749 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/BVVOK-bkg-input.png
Requested by
Host: bvvok.secure.fundsxpress.com
URL: https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
8349d2a1e4a5282fd5f05fef45ed488993de2ab67ab141bb5c326083ee031b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 00:39:10 GMT
Via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:15:30 GMT
X-Amz-Cf-Pop
DUS51-P1
ETag
"2ed-58051575d6c80"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
749
X-Amz-Cf-Id
vCT2hsZsZYVJtrpeAb3GHDfzgwqcxCFJ-8uJVrTn7VLfB2oMRzX67w==
Expires
Wed, 18 May 2022 00:54:10 GMT
bkg-access-id-text.gif
bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/ Frame 90A8 		391 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/bkg-access-id-text.gif
Requested by
Host: bvvok.secure.fundsxpress.com
URL: https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
6bc4bc54dcfb60e2503fe2d2fe671c3c47fd818f429331b3386f8f4c48f1cf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 00:39:10 GMT
Via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:16:03 GMT
X-Amz-Cf-Pop
DUS51-P1
ETag
"187-580515954f6c0"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
391
X-Amz-Cf-Id
SWAnT_UvjFKqd8rKOylZ1XL97dqnHmBZWsByNU1-QWwAfNWoxvymnQ==
Expires
Wed, 18 May 2022 00:54:10 GMT
bkg-passcode-text.gif
bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/ Frame 90A8 		418 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bvvok.secure.fundsxpress.com/images/fx/fxweb/var/institution/bkg-passcode-text.gif
Requested by
Host: bvvok.secure.fundsxpress.com
URL: https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
c10f0d7997788375ad589ebfe7a1d39483b0c0ec3c8a3fe2e32122550392ece8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bvvok.secure.fundsxpress.com/DigitalBanking/custom_login?template=default&no_top_url=1&iid=BVVOK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 00:39:10 GMT
Via
1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Last-Modified
Sat, 26 Jan 2019 00:16:03 GMT
X-Amz-Cf-Pop
DUS51-P1
ETag
"1a2-580515954f6c0"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Cache
Miss from cloudfront
P3P
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR LEG PHY ONL UNI FIN COM NAV INT CNT STA PRE"
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
418
X-Amz-Cf-Id
HgtN_PtkPSC_jokjzBa68sQH-GwJmcKTIAOBh2STZBdrU1FvlCNAOw==
Expires
Wed, 18 May 2022 00:54:10 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails undefined| target function| escapeHTML function| LinkAlert function| SearchSite function| valid_email function| valid_phone function| mail function| make_href function| make_address function| make_nickname function| confirmAllLinks function| $ function| jQuery object| $slideshow object| arVersion number| version undefined| img undefined| imgName undefined| imgID undefined| imgClass undefined| imgTitle undefined| imgStyle undefined| strNewHTML string| this_href

4 Cookies

Domain/Path Name / Value
.secure.fundsxpress.com/ Name: secure.fx.sid.fxweb
Value: login%232%23de9b32fa9993f596%23b0fd54928b4b85ed1f9336a0c03eb70df30e3a142526972da309ce24d9b33783301c98933566d736e19ddfde3fcd120b85b6655ed5e094ad
bvvok.secure.fundsxpress.com/ Name: TS01d09e1e
Value: 01c6fb4b6c7533bb1a01986923d7a640d32fa24ac4b0f084b08ee912616288237e089dff616bd118a5ad9434ba805368e11eb33f98
.secure.fundsxpress.com/ Name: TS013f41e5
Value: 01c6fb4b6c7533bb1a01986923d7a640d32fa24ac4b0f084b08ee912616288237e089dff616bd118a5ad9434ba805368e11eb33f98
bvvok.secure.fundsxpress.com/ Name: TS481daac3027
Value: 0894bc7510ab2000219174bf165d6f09d53446ec3060f4d455a9eedab7dc003c851a38b516c457c5084544496011300032695f27c52ff2702b759c10c491edce250832e283370580d4c75434e31dcc33a159df988a3b74b89ac319197b1f794e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.fundsxpress.com api.accuweather.com https://*.google-analytics.com https://*.googleapis.com https://code.jquery.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com fonts.googleapis.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.fundsxpress.com data: fonts.googleapis.com fonts.gstatic.com https://maxcdn.bootstrapcdn.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://*.fundsxpress.com; img-src 'self' https://ajax.googleapis.com data: maps.googleapis.com https://*.google-analytics.com *.fundsxpress.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bvvok.secure.fundsxpress.com
www.bankofvici.com
18.66.248.26
2a00:1450:4001:82b::200a
3.211.207.11
043a6835d7587c84cdb81b6c91789b810aa03b97667e1ed722a7b14a24499ea7
063acbec31feec3ac4c0fb35564966f9d18fd3d2b41e726e3f2fabfed6a9d55d
0e411fa4cdbd6dc3a65ce93bbcbcd9384229ed6a8d054a8cdcb9fa99fa0c25ec
16451416a20c24a15f27da9519ef0e036235fefd0943e1704857e0608b957694
1d8f25d80fbb70eba75c67b3a56ff72b48028480e7688c4b54362d6e280423e3
25243ae3c829a4b1fdf3a650bc3853d185e09316d9785a0d2f8815a4c18b6c77
3596a06491efe6013814bd9217360984c4fd8b8cd7f76dd6c904771d68b7ccd6
398fc66ab43c208f1ad25187f2d4abdc627f2e1b81d0aabaf9227234295d3369
43fcbccb02d091903eb2870c79617fc97f30397b0cab798817a7aa64612188c5
4d6cbf71f4a797a608b791c5cf5b483446c033a07dafb83cbf07b5e2f6c498ca
5e26ea03913746d2237a7b6f720cdddc14da0b6c21739cc839e2053b79227a95
6840e8dd2d4caa35bdd9b0bd314703e597442333203944a330b77ec63a100015
6870966257a521de97b95fecc662b85291911d314d50b4aeb0f32bb685864a3a
6bc4bc54dcfb60e2503fe2d2fe671c3c47fd818f429331b3386f8f4c48f1cf4b
6f1f7775b57ee439ba0fa17140e2c9bd9bca312d1f8b73e0319841ded737c689
769a8af3731b30ce11dfab8211d27c76669dbf1c4678a84ce022b0763c02a59a
7aa81809ebe695c4ba7aaaeb2664bcbd4734825fe8f3299811b5826328b94aef
7bfc2a61114b26292b9f68b77c97352d53c1eff40dfddeb817e353d6b749c3f7
8349d2a1e4a5282fd5f05fef45ed488993de2ab67ab141bb5c326083ee031b78
8b59bf0fb9ce1e0005a0f0a6a2d71c2075f2e6ee9d5f7711d2d77587991b4f00
924c054e3543707ea335b458135d277163b40e2f94a18f810e4d9fcc9418d0c4
928f0f1361a114f4b965df98e1b4cc11a9766a5292a29c79f13318edc3461dbc
992909db20d95178c194e358b8731c370bf02ab37afac4bc9c0e2be012340bfd
9ffec22b47217f6440224db426ea6f52839064f30568ed53d6282b8f11d6a474
a8bc9bff779449df2e31ca42f1bdb78437c3919f58c7331525406970646b6e84
afb556c441fe15289e78323ac7903e276dab630e24c27c832accd476c79d56f1
c031008182a319602eb6cc6ece42138c684c71910fcf6f1e7e380912de5dde0e
c10f0d7997788375ad589ebfe7a1d39483b0c0ec3c8a3fe2e32122550392ece8
ca33e709d850d4c8bcf6d5c73f6260c0a8118856167f42c3f73477f9b248317d
cce100c6659be6f7a7280258e15b8035b533205c83926fa84a3471a76d7e6df3
f87ed3ee06cc12eb62f6fe973f6c6a32bcf35a6ea0cb2a401a3749a9803cef60