secure.vpbank.com.vn Open in urlscan Pro
45.223.61.183  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response secure.vpbank.com.vn/	10 KB 5 KB	846ms 526ms	Document text/html	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash ff71196e4c1ce9457967589d42f3ea7c42b02d2ea4357c6d33fbf1ab2d3dcc15 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-encoding gzip content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' content-type text/html date Fri, 20 Oct 2023 10:19:38 GMT etag "65059e86-268b" last-modified Sat, 16 Sep 2023 12:24:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-cdn Imperva x-content-type-options nosniff x-iinfo 14-4835486-4806410 pNYy RT(1697797177625 32) q(0 0 0 0) r(5 5) U12 x-xss-protection 1; mode=block
GET H2	200	font-awesome.min.css secure.vpbank.com.vn/font-awesome/	30 KB 7 KB	480ms 479ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/font-awesome/font-awesome.min.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Thu, 07 Sep 2023 07:21:02 GMT x-cdn Imperva content-encoding gzip etag "64f979de-791c" content-type text/css x-iinfo 14-4835486-4831410 3NYN RT(1697797177625 560) q(0 0 0 -1) r(5 5) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	2 KB 994 B	84ms 33ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto&display=swap Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 20 Oct 2023 10:19:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 20 Oct 2023 09:38:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 Oct 2023 10:19:38 GMT
GET H2	200	17.0a9dd6b8.chunk.css secure.vpbank.com.vn/static/css/	8 KB 3 KB	437ms 435ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/css/17.0a9dd6b8.chunk.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 7191cca5ec8029d1d7a3c23822f94df75a7a32d29e84ab8552ec1a7fb87d53f3 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-1e4b" content-type text/css x-iinfo 14-4835486-4825460 3NYN RT(1697797177625 564) q(0 0 0 -1) r(4 4) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	main.2481bf09.chunk.css secure.vpbank.com.vn/static/css/	340 KB 48 KB	508ms 507ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/css/main.2481bf09.chunk.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 360982e55a8dddcb8dd8b746336a9e71da37cb518cc3b18578d73aa65f6ca43e Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-55031" content-type text/css x-iinfo 14-4835486-4825414 3NYN RT(1697797177625 567) q(0 0 0 -1) r(5 5) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	17.034f4e40.chunk.js Show response secure.vpbank.com.vn/static/js/	402 KB 131 KB	434ms 433ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/17.034f4e40.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 97717a3f2eaf456c8927acf203d3e545ec32f6802419ad8e726193713daeba59 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-646d0" content-type application/javascript x-iinfo 14-4835486-4818716 3NYN RT(1697797177625 569) q(0 0 0 -1) r(4 4) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	main.652ff737.chunk.js Show response secure.vpbank.com.vn/static/js/	8 KB 3 KB	507ms 506ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/main.652ff737.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 513a964a181b09c9d99f3cccbe34d3d206c6b0194eafbe250aa627c68f59b106 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-1e18" content-type application/javascript x-iinfo 14-4835486-4834271 3NYN RT(1697797177625 577) q(0 0 0 -1) r(4 4) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	_Incapsula_Resource Show response secure.vpbank.com.vn/	138 KB 20 KB	59ms 58ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1601722305 Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash c4aefe967a7760a8036c3b621a450131d1642e86f0a628c6b8d1f3393231fbc2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 cache-control no-cache, no-store content-encoding gzip x-robots-tag noindex content-length 19925 content-type application/javascript
GET H2	200	1.24d4d836.chunk.js Show response secure.vpbank.com.vn/static/js/	151 KB 45 KB	437ms 437ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/1.24d4d836.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash b8e72eb6a29b063b4d8be0111646290f0bfd86d7a69e4a6e3efc3f25ccd554e7 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-25d8e" content-type application/javascript x-iinfo 14-4835486-4834271 3NYN RT(1697797177625 1884) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	5.87f9335e.chunk.js Show response secure.vpbank.com.vn/static/js/	54 KB 17 KB	436ms 436ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/5.87f9335e.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 731c669e786dee8e552e62d4d6df9143eb5b912aea5546cafbeca437b399adfa Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-d993" content-type application/javascript x-iinfo 14-4835486-4835562 3NYN RT(1697797177625 1893) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	19.24d61e89.chunk.css secure.vpbank.com.vn/static/css/	17 KB 4 KB	442ms 441ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/css/19.24d61e89.chunk.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash d3cbc1cce53e6d72c8d66d33af4b7a74de9ef3509b0df416b19935fcc1e1565e Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-4492" content-type text/css x-iinfo 14-4835486-4831410 3NYN RT(1697797177625 1900) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	19.61283bdb.chunk.js Show response secure.vpbank.com.vn/static/js/	382 KB 109 KB	458ms 457ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/19.61283bdb.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 0a777ebcace3f6624378b48360c364bc39a0ba963c08dbb3a7186176bbe4d4c6 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-5f8f9" content-type application/javascript x-iinfo 14-4835486-4835605 3NYN RT(1697797177625 1914) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	6.aa55629f.chunk.js Show response secure.vpbank.com.vn/static/js/	30 KB 6 KB	460ms 460ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/6.aa55629f.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 80486a3b075e2e10b5305b14ec4b976a35c73ffdc6b7fdd9b865aaf183d4e60f Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-77dd" content-type application/javascript x-iinfo 14-4835486-4835750 3NYN RT(1697797177625 1917) q(0 0 0 -1) r(0 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	21.c5b154a4.chunk.css secure.vpbank.com.vn/static/css/	354 B 269 B	460ms 460ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/css/21.c5b154a4.chunk.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash a833fcc3ac35854de717d67d74a696d8e6d26182bed9a53a5e50b579cd358d6f Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-162" content-type text/css x-iinfo 14-4835486-4835753 3NYN RT(1697797177625 1920) q(0 0 0 -1) r(0 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	21.2959ef1d.chunk.js Show response secure.vpbank.com.vn/static/js/	407 KB 82 KB	794ms 794ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/21.2959ef1d.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 99868cbd6fc5a6b988a8e324665b130095ec6ad6384236d7dd2c6218fb39dad6 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-65a53" content-type application/javascript x-iinfo 14-4835486-4825414 3NYN RT(1697797177625 1923) q(0 3 3 -1) r(7 7) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	72ms 21ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.vpbank.com.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 04:06:52 GMT x-content-type-options nosniff age 22367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Oct 2024 04:06:52 GMT
GET H2	200	_Incapsula_Resource secure.vpbank.com.vn/	1 B 36 B	69ms 69ms	Image text/plain	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.vpbank.com.vn/_Incapsula_Resource?SWKMTFSR=1&e=0.5712362324237719 Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain
GET H2	200	32.abe7c21e.chunk.css secure.vpbank.com.vn/static/css/	200 B 318 B	382ms 381ms	Stylesheet text/css	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/css/32.abe7c21e.chunk.css Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash b5b71b50a250e410dcdbdd30967ce2e02f15db555e812d9115d38586d981548c Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/login?url=/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:41 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-c8" content-type text/css x-iinfo 14-4835486-4834271 3NYN RT(1697797177625 3013) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	32.f7b22e74.chunk.js Show response secure.vpbank.com.vn/static/js/	15 KB 6 KB	381ms 381ms	Script application/javascript	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/static/js/32.f7b22e74.chunk.js Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash c9c414cc3fd8aca63f33631f8c9e87ca5a8bf39e486f4637f436e478b218ab6d Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/login?url=/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:41 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Sat, 16 Sep 2023 12:24:38 GMT x-cdn Imperva content-encoding gzip etag "65059e86-3d84" content-type application/javascript x-iinfo 14-4835486-4835562 3NYN RT(1697797177625 3017) q(0 0 0 -1) r(3 3) U2 cache-control no-cache accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	135ms 82ms	Script text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/static/js/17.034f4e40.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 198ece2b0c28d828c0128ecef67307d95a70b1cff782dd5228658f33d3a8433b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://secure.vpbank.com.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 20 Oct 2023 10:19:41 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/	464 KB 186 KB	77ms 23ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.vpbank.com.vn/ Origin https://secure.vpbank.com.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 09:02:44 GMT content-encoding gzip x-content-type-options nosniff age 4617 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190277 x-xss-protection 0 last-modified Mon, 16 Oct 2023 04:01:46 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Oct 2024 09:02:44 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame DFC0	57 KB 33 KB	54ms 53ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e104be6b0f406bd38e02de6b801d400dffe6e2ce08debe69e6e0a7f849f9e927 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-z2GG43rX5WL5gB0gxpbq4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://secure.vpbank.com.vn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-z2GG43rX5WL5gB0gxpbq4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 20 Oct 2023 10:19:41 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame DFC0	55 KB 24 KB	70ms 23ms	Stylesheet text/css	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Mon, 16 Oct 2023 16:31:23 GMT content-encoding gzip x-content-type-options nosniff age 323298 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 16 Oct 2023 04:01:46 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 15 Oct 2024 16:31:23 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame DFC0	464 KB 186 KB	56ms 22ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 09:02:44 GMT content-encoding gzip x-content-type-options nosniff age 4617 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190277 x-xss-protection 0 last-modified Mon, 16 Oct 2023 04:01:46 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Oct 2024 09:02:44 GMT
GET H2	200	fontawesome-webfont.woff2 secure.vpbank.com.vn/fonts/	75 KB 76 KB	404ms 402ms	Font font/woff2	45.223.61.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.vpbank.com.vn/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: secure.vpbank.com.vn URL: https://secure.vpbank.com.vn/font-awesome/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.223.61.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://secure.vpbank.com.vn/font-awesome/font-awesome.min.css Origin https://secure.vpbank.com.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:41 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self' last-modified Thu, 07 Sep 2023 07:21:02 GMT x-cdn Imperva etag "64f979de-12d68" content-type font/woff2 x-iinfo 14-4835486-4806410 pNNy RT(1697797177625 3443) q(0 0 0 -1) r(4 4) U2 cache-control no-cache x-incap-sess-cookie-hdr RJZ3OPN6gA/b3jT0L3whCj1UMmUAAAAAnBH+GS5bHiaOSyeZHVqwqg== accept-ranges bytes content-length 77160 x-xss-protection 1; mode=block
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	23ms 21ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.vpbank.com.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 17 Oct 2023 11:44:36 GMT x-content-type-options nosniff age 254105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Oct 2024 11:44:36 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	28ms 27ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.vpbank.com.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 03:50:37 GMT x-content-type-options nosniff age 23344 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5560 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Oct 2024 03:50:37 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame DFC0	2 KB 2 KB	23ms 22ms	Image image/png	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 00:18:29 GMT x-content-type-options nosniff age 36072 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 27 Oct 2023 00:18:29 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame DFC0	15 KB 15 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 14 Oct 2023 06:47:09 GMT x-content-type-options nosniff age 531152 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 06:47:09 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame DFC0	15 KB 15 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Thu, 19 Oct 2023 21:26:35 GMT x-content-type-options nosniff age 46386 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Oct 2024 21:26:35 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame DFC0	102 B 135 B	33ms 32ms	Other text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLk1QcAAAAACOxYCzngVJnVLwYql-OthRz4CyF&co=aHR0cHM6Ly9zZWN1cmUudnBiYW5rLmNvbS52bjo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=q478g8gpghp3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 10:19:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 20 Oct 2023 10:19:41 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackJsonpcarloan function| clearImmediate function| setImmediate function| saveAs function| flatpickr function| onRecaptchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_944338

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.vpbank.com.vn/	1969-12-31 23:59:59	Name: TS015df990 Value: 01a16eb740da6550812b447e7300fd4963a62241e4aae2fe7ec7509cf783c8d28c36fb9cd910c9168e7e285b66aa900e1df8857cd6
			.vpbank.com.vn/	1970-01-21 00:21:32	Name: visid_incap_3015602 Value: o7kiCXvJTTu/xd/Gr+2u2zlUMmUAAAAAQUIPAAAAAAAy0eA3EWKjdzz9n4OSdbPu
			.vpbank.com.vn/	1969-12-31 23:59:59	Name: incap_ses_730_3015602 Value: aEZyK2tD+Srb3jT0L3whCjpUMmUAAAAAs3klRSTiHKzp68O+iHnaHQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
secure.vpbank.com.vn
www.google.com
www.gstatic.com
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
45.223.61.183
0a777ebcace3f6624378b48360c364bc39a0ba963c08dbb3a7186176bbe4d4c6
198ece2b0c28d828c0128ecef67307d95a70b1cff782dd5228658f33d3a8433b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578
360982e55a8dddcb8dd8b746336a9e71da37cb518cc3b18578d73aa65f6ca43e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
513a964a181b09c9d99f3cccbe34d3d206c6b0194eafbe250aa627c68f59b106
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7191cca5ec8029d1d7a3c23822f94df75a7a32d29e84ab8552ec1a7fb87d53f3
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
731c669e786dee8e552e62d4d6df9143eb5b912aea5546cafbeca437b399adfa
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
80486a3b075e2e10b5305b14ec4b976a35c73ffdc6b7fdd9b865aaf183d4e60f
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
97717a3f2eaf456c8927acf203d3e545ec32f6802419ad8e726193713daeba59
99868cbd6fc5a6b988a8e324665b130095ec6ad6384236d7dd2c6218fb39dad6
a833fcc3ac35854de717d67d74a696d8e6d26182bed9a53a5e50b579cd358d6f
b5b71b50a250e410dcdbdd30967ce2e02f15db555e812d9115d38586d981548c
b8e72eb6a29b063b4d8be0111646290f0bfd86d7a69e4a6e3efc3f25ccd554e7
c4aefe967a7760a8036c3b621a450131d1642e86f0a628c6b8d1f3393231fbc2
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9c414cc3fd8aca63f33631f8c9e87ca5a8bf39e486f4637f436e478b218ab6d
d3cbc1cce53e6d72c8d66d33af4b7a74de9ef3509b0df416b19935fcc1e1565e
e104be6b0f406bd38e02de6b801d400dffe6e2ce08debe69e6e0a7f849f9e927
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff71196e4c1ce9457967589d42f3ea7c42b02d2ea4357c6d33fbf1ab2d3dcc15