urlscan.io logo urlscan.io
SecurityTrails logo

itsm-login.vpbank.com.vn Open in urlscan Pro
52.64.37.175  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://itsm-login.vpbank.com.vn/
Effective URL: https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Submission: On April 25 via automatic, source certstream-suspicious — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 61 HTTP transactions. The main IP is 52.64.37.175, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is itsm-login.vpbank.com.vn.
TLS certificate: Issued by R10 on February 21st 2025. Valid for: 3 months.
This is the only time itsm-login.vpbank.com.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 52.64.37.175 16509 (AMAZON-02)
6 142.250.66.195 15169 (GOOGLE)
8 18.67.110.69 16509 (AMAZON-02)
10 172.217.167.67 15169 (GOOGLE)
2 18.67.110.108 16509 (AMAZON-02)
4 151.101.66.217 54113 (FASTLY)
1 18.67.110.24 16509 (AMAZON-02)
2 108.158.20.96 16509 (AMAZON-02)
1 108.158.32.22 16509 (AMAZON-02)
1 3.215.254.142 14618 (AMAZON-AES)
2 44.211.0.243 14618 (AMAZON-AES)
5 142.250.67.3 15169 (GOOGLE)
2 162.159.140.147 13335 (CLOUDFLAR...)
61 14
16    52.64.37.175 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
itsm-login.vpbank.com.vn
6    142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net
www.recaptcha.net
8    18.67.110.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-69.syd62.r.cloudfront.net
dash.freshworks.com
10    172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net
www.gstatic.com
2    18.67.110.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-108.syd62.r.cloudfront.net
fe-perf-assets.freshworks.com
4    151.101.66.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    18.67.110.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-24.syd62.r.cloudfront.net
cdn.heapanalytics.com
2    108.158.20.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-96.syd62.r.cloudfront.net
avatar1.freshworks.com
1    108.158.32.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-22.syd3.r.cloudfront.net
t.contentsquare.net
1    3.215.254.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-254-142.compute-1.amazonaws.com
c.contentsquare.net
2    44.211.0.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-0-243.compute-1.amazonaws.com
heapanalytics.com
5    142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net
fonts.gstatic.com
2    162.159.140.147 (None, )

ASN13335 (CLOUDFLARENET, US)
rum.haystack.es
Apex Domain
Subdomains		 Transfer
16 vpbank.com.vn
itsm-login.vpbank.com.vn
137 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
633 KB
12 freshworks.com
dash.freshworks.com — Cisco Umbrella Rank: 82244
fe-perf-assets.freshworks.com — Cisco Umbrella Rank: 67416
avatar1.freshworks.com — Cisco Umbrella Rank: 34774
726 KB
6 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1372
99 KB
4 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 5133
17 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 6361 Failed
heapanalytics.com — Cisco Umbrella Rank: 4487
39 KB
2 haystack.es
rum.haystack.es — Cisco Umbrella Rank: 26835
2 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3673
c.contentsquare.net — Cisco Umbrella Rank: 4813
86 KB
61 8
Domain Requested by
16 itsm-login.vpbank.com.vn 2 redirects dash.freshworks.com
browser.sentry-cdn.com
10 www.gstatic.com www.recaptcha.net
www.gstatic.com
8 dash.freshworks.com itsm-login.vpbank.com.vn
dash.freshworks.com
6 www.recaptcha.net itsm-login.vpbank.com.vn
dash.freshworks.com
www.gstatic.com
5 fonts.gstatic.com www.recaptcha.net
4 browser.sentry-cdn.com dash.freshworks.com
2 rum.haystack.es browser.sentry-cdn.com
2 heapanalytics.com
2 avatar1.freshworks.com
2 fe-perf-assets.freshworks.com itsm-login.vpbank.com.vn
1 c.contentsquare.net
1 t.contentsquare.net cdn.heapanalytics.com
1 cdn.heapanalytics.com itsm-login.vpbank.com.vn
61 13

This site contains links to these domains. Also see Links.

Domain
www.freshworks.com
Subject Issuer Validity Valid
itsm-login.vpbank.com.vn
R10		 2025-02-21 -
2025-05-22		 3 months crt.sh
misc.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.freshworks.com
Amazon RSA 2048 M02		 2024-10-21 -
2025-11-18		 a year crt.sh
*.gstatic.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2025 Q1		 2025-04-07 -
2026-05-09		 a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02		 2024-05-29 -
2025-06-26		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M03		 2024-08-13 -
2025-09-10		 a year crt.sh
dep.bf.contentsquare.net
R10		 2025-04-04 -
2025-07-03		 3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M03		 2024-11-18 -
2025-12-17		 a year crt.sh
haystack.es
WE1		 2025-03-16 -
2025-06-14		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Frame ID: CB08B72988EF250DA3E9F12BCEB1F63A
Requests: 42 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Frame ID: B9A9E725844C63BB2D57244765C472DD
Requests: 7 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Frame ID: 0EFEB19501699238A32185F35EE38824
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freshworks - Login

Page URL History Show full URLs

  1. https://itsm-login.vpbank.com.vn/ Page URL
  2. https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

61
Requests

92 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

14
IPs

3
Countries

1736 kB
Transfer

5967 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://itsm-login.vpbank.com.vn/ Page URL
  2. https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://itsm-login.vpbank.com.vn/api/v2/organisation/-/image?variant=ORIGINAL&entity_type=ORG_FAVICON HTTP 302
  • https://avatar1.freshworks.com/org/au/freshworks_dew_favicon.svg
Request Chain 33
  • https://itsm-login.vpbank.com.vn/api/v2/organisation/-/image?variant=ORIGINAL&entity_type=ORG_LOGO HTTP 302
  • https://avatar1.freshworks.com/org/au/freshworks_title_logo.svg

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
itsm-login.vpbank.com.vn/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
87687ce1efa7e9e0f27ed1921aa427749655ee5a87e0f495207205a66048da17
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-security-policy
script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
content-type
text/html
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Thu, 10 Apr 2025 05:34:56 GMT
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
permissions-policy
magnetometer=()
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
x-frame-options
SAMEORIGIN
x-request-id
61f5bd8b-dafc-4a84-833d-6ba443c7e883
x-trace-id
00-c55fc73f13b05c4cf3aa1e0740e99be6-e6305bec61c65c0e-00
api.js
www.recaptcha.net/recaptcha/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
98b4602d89c0700e98d11cafd977b74938d58c28f5e1ae383326c774fa79c7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 23:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 25 Apr 2025 23:52:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
main.be3824f5.js
dash.freshworks.com/au/static/js/ 		1 MB
378 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au/static/js/main.be3824f5.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fe38bf9e492c8fe794873b0471c95a76c44e46c9486fca2213823617ae63759
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/

Response headers

content-encoding
gzip
etag
W/"d3e716f0a39e20dbdc07bd78e02c4a94"
age
17128
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
REyfkRvWhUn7h18qHtYwj8ieJPNM5mGnM8uzUDrdXvXru97YUmotFg==
date
Fri, 25 Apr 2025 19:07:04 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:35:20 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
main.754f09c9.css
dash.freshworks.com/au/static/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au/static/css/main.754f09c9.css
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73061c6f3f14faaa251850bd9797a2eec17a860e0a3eda342d3d50d4bc951f73
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/

Response headers

content-encoding
gzip
etag
W/"82123c6bdbb66fe79427eb9c1f946ce1"
age
17128
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
12Xd2ZhnQ6NwX6MXeq_Hqq2Jojb1Gv3YDrwGSj-DojfzsFwNHxE1sA==
date
Fri, 25 Apr 2025 19:07:04 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:35:17 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
recaptcha__en.js
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ 		638 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/

Response headers

content-encoding
gzip
age
29092
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:47:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:47:39 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
276952
x-xss-protection
0
server
sffe
analytics-2.0.0.js
fe-perf-assets.freshworks.com/v2/ 		72 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fe-perf-assets.freshworks.com/v2/analytics-2.0.0.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-108.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c30a29708ef9082825242f7847f63831c19161ab04709617aa13050cc5099f46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/

Response headers

cache-control
max-age=31536000,public
etag
"be6dac87edcd09253695f36b3d53bc26"
age
12218298
via
1.1 c7cd0041811f30bfd9c4a00e82b6a3c8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
73491
x-amz-cf-id
bcHLmV4k25H5GSFeYsIPdwTJdbQPxndw1cPnIZRw9eBWmtjUH8yplw==
date
Thu, 05 Dec 2024 13:54:14 GMT
content-type
application/javascript
last-modified
Tue, 19 Sep 2023 05:57:48 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
current
itsm-login.vpbank.com.vn/api/v2/users/ 		225 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/users/current?include=products
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
8580b2aef95a1f8978fc5e431c4738d958d3f5ff9e27929d2eec676939e3a38f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itsm-login.vpbank.com.vn/

Response headers

x-request-id
ea5e2009-55de-4159-8dda-549c0185dc86
x-xsrf-token
598727a2-a939-4969-855b-59096b72c05f.LcHtbqBB0hIG1KiGbwBIYMDbVBKnT3fkhaIYrMDfG/M=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
traceparent
00-1e9ddd7e757a5fded52e792cfeb89898-6cb30c803351cbaf-01
date
Fri, 25 Apr 2025 23:52:31 GMT
trailer
Grpc-Trailer-Content-Type
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
18
x-trace-id
00-1e9ddd7e757a5fded52e792cfeb89898-dbe9ffc54cd4b59a-00
server
fwe
appInitPayload
itsm-login.vpbank.com.vn/api/v2/organisations/-/ 		318 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/organisations/-/appInitPayload
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
57a7b11dade0d9f5e1337d8ebcba1d9cc45c74c1a47260aec1b790db5f90f7b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itsm-login.vpbank.com.vn/

Response headers

x-request-id
0c6c1652-1cf3-999e-bcc8-013be6c3835e
x-xsrf-token
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-7e683c9071fd7dcb6b130d0c10368929-2717e91ea065bb9b-01
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
49
x-trace-id
00-7e683c9071fd7dcb6b130d0c10368929-9fa46731db125eba-01
server
fwe
heap-870388005.js
cdn.heapanalytics.com/js/ 		0
0
captureconsole.min.js
browser.sentry-cdn.com/7.49.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.49.0/captureconsole.min.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
95077a0ed809e4e397e218bb457db8702a90e5548db7aecb7b0b8cdf3a558e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"a70578b7debe92a7365106b86a016561"
age
2541256
expires
Wed, 25 Feb 2026 17:59:36 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1035
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Thu, 20 Apr 2023 15:07:06 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Fastly
bundle.min.js
browser.sentry-cdn.com/5.4.3/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0b1bf0ba071662ebd49cde2146940aaf3e1ddd6eed66889a88e6c3cf14880cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"658e7d6e9cc33e3c79aa42a86a2d16ad"
age
2135013
expires
Wed, 09 Oct 2024 14:54:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
16214
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Fri, 21 Jun 2019 13:28:31 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Fastly
products
itsm-login.vpbank.com.vn/api/v2/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/products
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
6d1c9cddce9bb034539727e1f7d23f10ce79595c2de3cc92ac741e936729a5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
5bc53643-8427-4b29-886e-24750afa31ff
x-xsrf-token
56d88a77-4f04-4185-8aa3-e72dee35c058.8YCkDy9n+27dByZ06iTAcEK6uv1yL4Gr7hFKcgNsOHo=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-494bad080fa9f5ca98238c2a0cebb19f-3056ca531e791dcc-01
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
23
x-trace-id
00-494bad080fa9f5ca98238c2a0cebb19f-31579435ed299e91-00
server
fwe
authentications
itsm-login.vpbank.com.vn/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/authentications
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
58299a576afb23d03133dab28831b151bec0fb5ffa00a65cec72604b19c0b148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
ce55bc4e-cc9e-487a-95d0-f5c3cb0c2053
x-xsrf-token
4d292fac-01dc-44c1-94ce-cda11b719778.iCsG/+q304FfbXWM4gsjURSjMelpXDM8X5VvfaEPvAo=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-12fdc921348c40f6c82f4a6b8c65b44c-6e2a631e4f7bc955-01
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
32
x-trace-id
00-12fdc921348c40f6c82f4a6b8c65b44c-2beb5de88abd1718-00
server
fwe
cloudtypes
itsm-login.vpbank.com.vn/api/v2/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/cloudtypes
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
b751f4d6-b5ca-43bb-bace-b582a29b4901
x-xsrf-token
caf47074-a830-4fe6-a8bf-d50653111cde.v1g4/j8OwJ4OnEHzyCMfeTmo8gkV4yq1wywNMpE+k0Y=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-655823200db46b10b781f059b40e6e0e-8eedcb8fd22953cc-01
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
29
x-trace-id
00-655823200db46b10b781f059b40e6e0e-c81f0a685bcdd70b-00
server
fwe
accounts
itsm-login.vpbank.com.vn/api/v2/ 		225 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/accounts
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
09c81fbb-4f5b-95c5-8c06-344318c2a041
x-xsrf-token
99e79dfd-e149-490a-bfa0-467a201da297.Y1mFHn0+tpTNVE8K6dkje2Hgx/Wj3/LgweD5DLZH7s8=
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-envoy-upstream-service-time
26
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
x-trace-id
00-5cdd476c049866fb4981279998fb8603-0718f42c2fdf11a9-01
traceparent
00-5cdd476c049866fb4981279998fb8603-1486997dc8d6d55e-01
date
Fri, 25 Apr 2025 23:52:31 GMT
trailer
Grpc-Trailer-Content-Type
content-type
application/json
vary
Accept-Encoding
server
fwe
bundles
itsm-login.vpbank.com.vn/api/v2/ 		225 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/bundles?include=bundle_types
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
8580b2aef95a1f8978fc5e431c4738d958d3f5ff9e27929d2eec676939e3a38f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
36db8d88-cd0f-4bbb-bc08-777cb3567780
x-xsrf-token
a3c32212-c080-4466-b833-c5db5de9c7e6.q36BKQyvhixV9kilzEGK+p6dwmA54EVtTj/yg1MNvSY=
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-envoy-upstream-service-time
12
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
x-trace-id
00-348f47eda7253a5d7f136734d13e9361-1d2d9d934bf0851e-00
traceparent
00-348f47eda7253a5d7f136734d13e9361-23452694cbe405e6-01
date
Fri, 25 Apr 2025 23:52:31 GMT
trailer
Grpc-Trailer-Content-Type
content-type
application/json
vary
Accept-Encoding
server
fwe
summary
itsm-login.vpbank.com.vn/api/v2/organisations/-/ 		225 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/organisations/-/summary
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
7cef11ca-3da6-405c-a32f-deef333feabe.6RW2trrTgZsEAIzwekn9x3hsEx/RqoIzerf3bQEy4CE=
Referer
https://itsm-login.vpbank.com.vn/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
087e83bf-5286-49b3-a965-4d2fbeb910c2
x-xsrf-token
8689c746-d13f-43d0-b0dc-e0792fc6c554.VbbRqQKSXYqytLnKd2znLQ/CHYdmjJPzrs4Pc1pIOjQ=
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-envoy-upstream-service-time
18
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
x-trace-id
00-7cf618964697d6baed8ac70afed90e3e-4045f3cc5062e208-00
traceparent
00-7cf618964697d6baed8ac70afed90e3e-96b00340060a4fc3-01
date
Fri, 25 Apr 2025 23:52:31 GMT
trailer
Grpc-Trailer-Content-Type
content-type
application/json
vary
Accept-Encoding
server
fwe
Primary Request login
itsm-login.vpbank.com.vn/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au/static/js/main.be3824f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
59808220f6bc19621e6977fdd9ae6ca385500644e1764458d01f8bd4c1634662
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://itsm-login.vpbank.com.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-security-policy
script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
content-type
text/html
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Thu, 10 Apr 2025 05:25:15 GMT
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
permissions-policy
magnetometer=()
referrer-policy
no-referrer-when-downgrade
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-frame-options
SAMEORIGIN
x-request-id
f7959c0c-646c-4d77-920a-27196b77564a
x-trace-id
00-f821b31ac2e0ebbb8dfe6797878dfd68-a0ceeaea21ae6f03-00
main.a15facc8.js
dash.freshworks.com/au-login/static/js/ 		767 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c0c6b542b105cb63005814da18e3a5c31fb2f72e8a1a63987e1e4e0dc9e7710
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
etag
W/"28eb567c10b5c4bf2b3968de1996412a"
age
463125
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
g_DkqzxAOiAJk2rrKQGY9tN-Bqk0AcNU4zSjDWuidGtY8otk5FjNog==
date
Sun, 20 Apr 2025 15:13:46 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:25:22 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
main.29659904.css
dash.freshworks.com/au-login/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au-login/static/css/main.29659904.css
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a8848dda67357b86dcef16de92dcd1d71a5960b584b27aa3d39204aeafe8c83
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
etag
W/"e70071bbcd8bfe7e01f4a6da89bc70d8"
age
43020
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ZPe9NCxqzgfhGhryG0CG87SE1FIVSnvg-Ix3BpqPBZXUcyml6h1WCA==
date
Fri, 25 Apr 2025 11:55:31 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:25:21 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
analytics-2.0.0.js
fe-perf-assets.freshworks.com/v2/ 		72 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://fe-perf-assets.freshworks.com/v2/analytics-2.0.0.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-108.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c30a29708ef9082825242f7847f63831c19161ab04709617aa13050cc5099f46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

cache-control
max-age=31536000,public
etag
"be6dac87edcd09253695f36b3d53bc26"
age
12218298
via
1.1 c7cd0041811f30bfd9c4a00e82b6a3c8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
73491
x-amz-cf-id
bcHLmV4k25H5GSFeYsIPdwTJdbQPxndw1cPnIZRw9eBWmtjUH8yplw==
date
Thu, 05 Dec 2024 13:54:14 GMT
content-type
application/javascript
last-modified
Tue, 19 Sep 2023 05:57:48 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
current
itsm-login.vpbank.com.vn/api/v2/users/ 		225 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/users/current?include=products
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
8580b2aef95a1f8978fc5e431c4738d958d3f5ff9e27929d2eec676939e3a38f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-XSRF-TOKEN
caf47074-a830-4fe6-a8bf-d50653111cde.v1g4/j8OwJ4OnEHzyCMfeTmo8gkV4yq1wywNMpE+k0Y=
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
0ff33ecc-05c7-4735-9ebd-1c0f3da418ec
x-xsrf-token
ff43c428-b2f9-40b3-863f-38733ad4a99f.5MenGJmuQafRCULshT11Hsxhttavv4ZTmxnR2oUZj64=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
traceparent
00-d1d7f59fc2ebcecea988bedc28688c36-f0ee40adbd43ca98-01
date
Fri, 25 Apr 2025 23:52:31 GMT
trailer
Grpc-Trailer-Content-Type
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
8
x-trace-id
00-d1d7f59fc2ebcecea988bedc28688c36-139ef3c7a18555f2-00
server
fwe
appInitPayload
itsm-login.vpbank.com.vn/api/v2/organisations/-/ 		318 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/organisations/-/appInitPayload
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
57a7b11dade0d9f5e1337d8ebcba1d9cc45c74c1a47260aec1b790db5f90f7b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

x-request-target
login
X-XSRF-TOKEN
caf47074-a830-4fe6-a8bf-d50653111cde.v1g4/j8OwJ4OnEHzyCMfeTmo8gkV4yq1wywNMpE+k0Y=
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
1e5389a2-0005-43da-8753-70bf63a6e759
x-xsrf-token
bbe75f17-aaf4-4c03-9482-a164bbfca525.mIYZnnYpvmTq6//Bqk3d9eEiZ1yl7XF4XIdyuE46j4w=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-b770e55cbf62d6100a1dc7218692a950-067c9aa906c44480-01
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
17
x-trace-id
00-b770e55cbf62d6100a1dc7218692a950-2cb6d056a3e4e474-00
server
fwe
favicon.ico
itsm-login.vpbank.com.vn/ 		115 KB
115 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
0c66ac97739cc86688fe22600cb5ca47d4f82dba4dda60c56edeeb267f0d3bcc
Security Headers
Name Value
Content-Security-Policy script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

x-request-id
abd4c967-1a35-4fec-8e9c-b1577a0be7e4
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
date
Fri, 25 Apr 2025 23:52:31 GMT
content-type
image/x-icon
last-modified
Tue, 01 Apr 2025 07:28:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
7
referrer-policy
strict-origin-when-cross-origin
x-trace-id
00-6e56dfb777195f823924705092276eb3-1e9d9eab502e46e2-00
permissions-policy
magnetometer=()
accept-ranges
bytes
content-length
117356
server
fwe
heap-870388005.js
cdn.heapanalytics.com/js/ 		120 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-870388005.js
Requested by
Host: itsm-login.vpbank.com.vn
URL: https://itsm-login.vpbank.com.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-24.syd62.r.cloudfront.net
Software
nginx / Express
Resource Hash
2348e732994608ec14b3cc8f61553dfbf10f33a5b7c5d0ed9bd0e7415cda0fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
br
etag
W/"1e1b4-NFZxu4sBlQpC3WWLe32bTUeRUQM"
age
20
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
96Onj0WiPu1zvAHM2OnWRfczS7P87Ast73HAOfNmDIMSSvphZ5pxwg==
date
Fri, 25 Apr 2025 23:52:12 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-powered-by
Express
server
nginx
captureconsole.min.js
browser.sentry-cdn.com/7.49.0/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.49.0/captureconsole.min.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
95077a0ed809e4e397e218bb457db8702a90e5548db7aecb7b0b8cdf3a558e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"a70578b7debe92a7365106b86a016561"
age
2541256
expires
Wed, 25 Feb 2026 17:59:36 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1035
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Thu, 20 Apr 2023 15:07:06 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Fastly
bundle.min.js
browser.sentry-cdn.com/5.4.3/ 		50 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0b1bf0ba071662ebd49cde2146940aaf3e1ddd6eed66889a88e6c3cf14880cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"658e7d6e9cc33e3c79aa42a86a2d16ad"
age
2135013
expires
Wed, 09 Oct 2024 14:54:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
16214
date
Fri, 25 Apr 2025 23:52:31 GMT
last-modified
Fri, 21 Jun 2019 13:28:31 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Fastly
authentications
itsm-login.vpbank.com.vn/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsm-login.vpbank.com.vn/api/v2/authentications?redirect_uri=https:%2F%2Fitsm-login.vpbank.com.vn%2F
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.37.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-37-175.ap-southeast-2.compute.amazonaws.com
Software
fwe /
Resource Hash
58299a576afb23d03133dab28831b151bec0fb5ffa00a65cec72604b19c0b148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

x-request-target
login
X-XSRF-TOKEN
bbe75f17-aaf4-4c03-9482-a164bbfca525.mIYZnnYpvmTq6//Bqk3d9eEiZ1yl7XF4XIdyuE46j4w=
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
4c3b88f3-9b02-9cba-ae4b-13789c4c8ce9
x-xsrf-token
46c93b23-f03d-4fc7-8e55-1791affdef18.4axijdjWeAVi+AOCkqjNhtWW7jwtXOMTWL3MmO+yp8w=
content-encoding
gzip
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
grpc-metadata-content-type
application/grpc
traceparent
00-d8c0c593163a8bf63195411b64456092-cd7b81f337aecc3a-01
date
Fri, 25 Apr 2025 23:52:32 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
grpc-metadata-grpc-accept-encoding
gzip
x-envoy-upstream-service-time
20
x-trace-id
00-d8c0c593163a8bf63195411b64456092-d2a21df0779bae51-01
server
fwe
6302.af9a026f.chunk.js
dash.freshworks.com/au-login/static/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au-login/static/js/6302.af9a026f.chunk.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafc028ea3706be7145cfcaeed3edca46c3cc7656ed0a45faa400b0ebcf040d
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
etag
W/"f4e690ec1ecff5a2db498f943894a4d3"
age
44126
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
1S1Uj0b4KuVe0L45G2m_lRBMbZlmoeJ1V4h_4RglIQRr4YUSKGKTkg==
date
Fri, 25 Apr 2025 11:37:07 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:25:22 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
3010.d60b218c.chunk.js
dash.freshworks.com/au-login/static/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au-login/static/js/3010.d60b218c.chunk.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65fe6b5771f53ab97bab51c37fbfd2c593f05e8e1a829fc23125fc434222559
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
etag
W/"26b5facbb112a3eb68301c08ca0cf44c"
age
21669
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8g1fwpWzamtWbiuIFMClv3pdK1JSe67qKkcEx1p_GGcgOVipV2qA4Q==
date
Fri, 25 Apr 2025 17:51:24 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:25:21 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
8121.172f1599.chunk.js
dash.freshworks.com/au-login/static/js/ 		205 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.freshworks.com/au-login/static/js/8121.172f1599.chunk.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df9ba68d42165aec709895b126795de4bc8946c2d1023888aeeb225dee93a56d
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

etag
"c48dfc1ce75c3c3e04a1b087ad57662c"
age
463124
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3n4rV38ixnOKKGG-dCC0wagGw8A4jtgFZfV0DpHcwWc1nry5jVt-yg==
date
Sun, 20 Apr 2025 15:13:49 GMT
content-type
application/javascript
last-modified
Thu, 10 Apr 2025 05:25:22 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
205
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
api.js
www.recaptcha.net/recaptcha/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: dash.freshworks.com
URL: https://dash.freshworks.com/au-login/static/js/main.a15facc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
98b4602d89c0700e98d11cafd977b74938d58c28f5e1ae383326c774fa79c7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 23:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 25 Apr 2025 23:52:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
freshworks_dew_favicon.svg
avatar1.freshworks.com/org/au/
Redirect Chain
  • https://itsm-login.vpbank.com.vn/api/v2/organisation/-/image?variant=ORIGINAL&entity_type=ORG_FAVICON
  • https://avatar1.freshworks.com/org/au/freshworks_dew_favicon.svg
10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://avatar1.freshworks.com/org/au/freshworks_dew_favicon.svg
Protocol
H2
Server
108.158.20.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-96.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea005255887a1f2fb463bea2d81c29b10ee744d70dc93e27e7ab61d706cf303f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

x-amz-version-id
null
etag
"2e741ef408a054efc4e5660af746a250"
age
68126
via
1.1 0f7044eb4e8b35c09d88dd64a3263794.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10282
x-amz-cf-id
VeFxFY--Tva5Pnu3ewoI6PKKice3UTYh5yDKFSCsEFJTW17ehD5Fzg==
date
Fri, 25 Apr 2025 04:57:06 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Dec 2019 13:18:33 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
bb75a5dd-6672-4b84-8bde-ae0785a1aa22
x-xsrf-token
6736d360-ef0d-45d1-ac9c-d632065edae3.Y89c1fgnkMTdly0iseh7vtY+VrSFBJ2Xl2z+JKRKqCw=
location
https://avatar1.freshworks.com/org/au/freshworks_dew_favicon.svg
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
18
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
x-trace-id
00-60ac77a2812b7e7748685dc447cbc3f5-78a54c2a9fea048e-00
traceparent
00-60ac77a2812b7e7748685dc447cbc3f5-8690e96fbce1d696-01
content-length
0
date
Fri, 25 Apr 2025 23:52:32 GMT
content-type
application/json
server
fwe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ 		638 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://itsm-login.vpbank.com.vn
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
age
29092
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:47:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:47:39 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
276952
x-xss-protection
0
server
sffe
freshworks_title_logo.svg
avatar1.freshworks.com/org/au/
Redirect Chain
  • https://itsm-login.vpbank.com.vn/api/v2/organisation/-/image?variant=ORIGINAL&entity_type=ORG_LOGO
  • https://avatar1.freshworks.com/org/au/freshworks_title_logo.svg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar1.freshworks.com/org/au/freshworks_title_logo.svg
Protocol
H2
Server
108.158.20.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-96.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eb39499cf9139de9c3181d918423ec45b93250313f7ff01d8df10354ed66e74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

x-amz-version-id
null
etag
"09c0dcb9285f27e52517c20276a25cf6"
age
50955
via
1.1 0f7044eb4e8b35c09d88dd64a3263794.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
14331
x-amz-cf-id
7Ni63uDbezmMy2BNeR57wSH9f4og8ee6sfHvXG9Fx_TH5urDOXMHEQ==
date
Fri, 25 Apr 2025 09:43:18 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Dec 2019 13:18:33 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
262b53cc-5862-431a-8471-4195945bc13f
x-xsrf-token
7ed43ea3-e1a3-41c9-9f34-ab629dc57fa7.pZZceheZeZJwpq2bs1YongfBMj44ywQlOIa5mH5b/tE=
location
https://avatar1.freshworks.com/org/au/freshworks_title_logo.svg
nel
{ "report_to": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
27
report-to
{ "group": "nel-endpoint-freshworks360", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.ap-southeast-2.freshedge.net/nelreports/freshworks360"}]}
x-content-type-options
nosniff
x-trace-id
00-352bed6b78beb3d3274d41ae63d08b79-8031bb5af0d76330-00
traceparent
00-352bed6b78beb3d3274d41ae63d08b79-b53246c3db04c148-01
content-length
0
date
Fri, 25 Apr 2025 23:52:32 GMT
content-type
application/json
server
fwe
anchor
www.recaptcha.net/recaptcha/api2/ Frame B9A9 		73 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
28401f3054687cd3239a8c482901a551e746e32375f748a9f32c726a8b8e50e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_FzsMjn3u7CalJUsyq4EbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_FzsMjn3u7CalJUsyq4EbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 23:52:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
chevron-up.svg
dash.freshworks.com/au-login/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dash.freshworks.com/au-login/assets/images/chevron-up.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-69.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e98489a94ec8bcb6bd5cc406b6eb220b38f8af8c06ee72d2bafc93d8a13d5e46
Security Headers
Name Value
Strict-Transport-Security max-age= 31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
gzip
etag
W/"56c4d1cdf62f15720afa2ebcdbe8b02d"
age
240615
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
2TB7jIzifFdFQEWsHa5rgSuxdi6e3ih0HP9fOVu9h-Q8oACQp6QKTA==
date
Wed, 23 Apr 2025 05:02:18 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 10 Apr 2025 05:25:21 GMT
x-frame-options
DENY
strict-transport-security
max-age= 31536000; includeSubdomains
cache-control
max-age=31536000
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
SYD62-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
d8f3dba4c0e83.js
t.contentsquare.net/uxa/ 		357 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/d8f3dba4c0e83.js
Requested by
Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-870388005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-22.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58d1f2b3b90dc11bc622b1609ac93551f03c2bf0e026926135bd234c94023704

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

content-encoding
br
etag
"c85aefc6a8fac9d0de386ea18ceeaa84"
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
iHn9_3ZZ1uXaZ5wH7Euhm0VfFjj5r2JPZYbOEmfU7wn9_lkag0DEKA==
date
Wed, 23 Apr 2025 20:06:29 GMT
content-type
application/javascript;charset=utf-8
last-modified
Wed, 16 Apr 2025 09:01:50 GMT
vary
Origin
cache-control
max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 26131a3cde08b60652129237128292a2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
87067
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
c81a398d-3b83-431c-a7cd-42f9ac26c2f0
https://itsm-login.vpbank.com.vn/ 		0
0
pageview
c.contentsquare.net/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?cw=2&happid=870388005&hr=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F&hl=itsm-login.vpbank.com.vn%2Flogin%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&hpd=itsm-login.vpbank.com.vn&hpp=%2Flogin&hpq=%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&t=Freshworks%20-%20Login&ex=&dt=30&pvt=n&la=en-AU&uc=1&url=https%3A%2F%2Fitsm-login.vpbank.com.vn%2Flogin%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&dr=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F&dw=1794&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&uu=56951011-29e7-ac36-fbc5-0af031077706&sn=1&hd=1745625152&v=15.84.1&pid=114820&pn=1&hsid=7493396476131106&huu=7054621833819783&r=858672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.254.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-254-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin
*
date
Fri, 25 Apr 2025 23:52:33 GMT
content-disposition
inline
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
h
heapanalytics.com/ 		37 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=870388005&u=7054621833819783&v=1151846780547167&s=7493396476131106&b=web&tv=4.0&d=itsm-login.vpbank.com.vn&h=%2Flogin&q=%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&ts=1745625152198&t=Freshworks%20-%20Login&pr=%2F&sch=1200&scw=1600&r=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F&srp=cs%3A114820%252F56951011-29e7-ac36-fbc5-0af031077706%252F1%252F1%252F9&z=0&st=1745625152300&lv=4.23.6&ld=cdn.heapanalytics.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.211.0.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-0-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Fri, 25 Apr 2025 23:52:33 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
h
heapanalytics.com/ 		37 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=870388005&u=7054621833819783&v=1151846780547167&s=7493396476131106&b=web&tv=4.0&sp=d&sp=itsm-login.vpbank.com.vn&sp=h&sp=%2Flogin&sp=q&sp=%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&sp=ts&sp=1745625152198&sp=r&sp=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F&pp=d&pp=itsm-login.vpbank.com.vn&pp=h&pp=%2Flogin&pp=q&pp=%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&pp=ts&pp=1745625152198&pp=t&pp=Freshworks%20-%20Login&pp=pr&pp=%2F&d0=itsm-login.vpbank.com.vn&h0=%2Flogin&q0=%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F&ts0=1745625152189&t0=API%3A%20GET_ALLOWED_LOGIN_METHODS_SUCCESS&pr0=%2F&r0=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F&id0=4896775709846735&k0=statusCode&k0=200&srp0=cs%3A114820%252F56951011-29e7-ac36-fbc5-0af031077706%252F1%252F1%252F9&cspid0=114820&cspvid0=1&cssn0=1&csts0=9&csuu0=56951011-29e7-ac36-fbc5-0af031077706&z0=0&st=1745625152301&lv=4.23.6&ld=cdn.heapanalytics.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.211.0.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-0-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Fri, 25 Apr 2025 23:52:33 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
styles__ltr.css
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame B9A9 		77 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
58c977f54c8a264a97b1508fea7a3f7248c8a0d1da4b29062a30cdfcbb550c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
28915
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:50:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:50:37 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
42056
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame B9A9 		638 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
29093
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:47:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:47:39 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
276952
x-xss-protection
0
server
sffe
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame B9A9 		0
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B9A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Response headers

age
596154
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 02:16:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Apr 2025 02:16:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
2228
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B9A9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
596205
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 19 Apr 2026 02:15:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Apr 2025 02:15:47 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B9A9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F&co=aHR0cHM6Ly9pdHNtLWxvZ2luLnZwYmFuay5jb20udm46NDQz&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=3p0tn6n2bhrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
65789
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 05:36:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 05:36:03 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
bframe
www.recaptcha.net/recaptcha/api2/ Frame 0EFE 		8 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
f00f549d1cffd7138b76f87f0d142744290154b5a7f97409242d003244bcb41e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d-YuQgXdEoE9zJ7ylfErVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-d-YuQgXdEoE9zJ7ylfErVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 23:52:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
analytics
rum.haystack.es/freshid/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.haystack.es/freshid/analytics
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

x-auth-token
121db32190fbe328d284ee40d2521506
Referer
https://itsm-login.vpbank.com.vn/login?redirect_uri=https%3A%2F%2Fitsm-login.vpbank.com.vn%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-type
application/json

Response headers

strict-transport-security
max-age=0
x-request-id
149ee755-41df-4de7-b02a-62fac45be410
nel
{ "report_to": "nel-endpoint-sherlock", "max_age": 2592000, "include_subdomains": true}
x-fw-ratelimiting-managed
false
x-envoy-upstream-service-time
1
cf-cache-status
DYNAMIC
report-to
{ "group": "nel-endpoint-sherlock", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/sherlock"}]}
access-control-allow-credentials
true
x-trace-id
00-823d89b314f9674d4066252ea43a5d53-0007cacbd12b5c4c-00
cf-ray
9361c1381e57e7c1-SYD
access-control-allow-origin
https://itsm-login.vpbank.com.vn
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 23:52:33 GMT
vary
Origin
server
cloudflare
analytics
rum.haystack.es/freshid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rum.haystack.es/freshid/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
POST
Origin
https://itsm-login.vpbank.com.vn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-auth-token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://itsm-login.vpbank.com.vn
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9361c1369c9fe7c1-SYD
content-length
0
date
Fri, 25 Apr 2025 23:52:33 GMT
nel
{ "report_to": "nel-endpoint-sherlock", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-sherlock", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/sherlock"}]}
server
cloudflare
strict-transport-security
max-age=0
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
7daff7d7-579b-44ff-826e-70190ceaf996
x-trace-id
00-beba0cb409108df9af449aef2f93ef7a-8f13e671719b6682-00
styles__ltr.css
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame 0EFE 		77 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
58c977f54c8a264a97b1508fea7a3f7248c8a0d1da4b29062a30cdfcbb550c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
28915
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:50:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:50:37 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
42056
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame 0EFE 		638 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
29093
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 15:47:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 15:47:39 GMT
last-modified
Mon, 21 Apr 2025 02:01:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
276952
x-xss-protection
0
server
sffe
reload
www.recaptcha.net/recaptcha/api2/ Frame 0EFE 		44 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/reload?k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
39ff447c8c1dd7ac97fc6fe28e21bdfffc68d6ef3ea00699eee5881faae72cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/x-protobuffer
Referer
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F

Response headers

cache-control
private
content-encoding
gzip
cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 23:52:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 25 Apr 2025 23:52:33 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0EFE 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Response headers

age
48941
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 02 May 2025 10:16:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 10:16:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
600
x-xss-protection
0
server
sffe
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0EFE 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Response headers

age
35382
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 02 May 2025 14:02:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 14:02:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
530
x-xss-protection
0
server
sffe
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0EFE 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Response headers

age
49025
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 02 May 2025 10:15:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 10:15:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
665
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EFE 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
596205
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 19 Apr 2026 02:15:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Apr 2025 02:15:47 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EFE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
48888
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:17:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 10:17:45 GMT
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15340
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EFE 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
65789
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 05:36:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 05:36:03 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
payload
www.recaptcha.net/recaptcha/api2/ Frame 0EFE 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.recaptcha.net/recaptcha/api2/payload?p=06AFcWeA6Vui4lPNaVajao10O4tH2M4NDt2TUhsdQN_0wSzbxmmkO-xiusCyNPKWbFd8bvAGRRzlxB0u2aWMVPDf6EQMcnVAOEiYxJ4aVEPgH9unblbrPYKU6Yyn551cgGsNtW7Q702utiXeFnRt5U3hgThLNd7gl0vD71hfaCoSwpEDuhpagzP56lTpRp9k9aahk6K6FaBtP11Q4gltOra8MhHDOH1ioteQ&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
ESF /
Resource Hash
a0681a338f684a3347de96773e7744e32e29448f8a45707187fde6c562690a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&k=6LfoobwUAAAAAGWFjvijr2R9_1_yn-BuSHjfMM2F

Response headers

cache-control
private, max-age=30
cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 23:52:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 25 Apr 2025 23:52:33 GMT
x-xss-protection
0
content-type
image/jpeg
server
ESF
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.heapanalytics.com
URL
https://cdn.heapanalytics.com/js/heap-870388005.js
Domain
itsm-login.vpbank.com.vn
URL
blob:https://itsm-login.vpbank.com.vn/c81a398d-3b83-431c-a7cd-42f9ac26c2f0
Domain
www.recaptcha.net
URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=w0_qmZVSdobukXrBwYd9dTF7

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| FW_RUM number| ANALYTICS_INTERFACE_HISTORY_LENGTH function| parcelRequire object| webpackChunkfreshid_ui_v2 object| __SECRET_EMOTION__ object| FW_RUM_REACT_ADAPTER object| scCGSHMRCache function| onHeapLoad function| onSentryLoad object| pathsToRedact string| REDACT_STR object| regExp object| PROPS_TO_REDACT function| getStringFromMatches function| redactedValueIfRequired object| heap function| initSentry object| Sentry object| __SENTRY__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_124299 object| _uxa object| CS_CONF function| csSetTimeout function| csQueueMicrotask function| csClearTimeout function| csSetInterval function| csClearInterval function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csRegExp object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| CSCurrentScript object| UXAnalytics

7 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AMNxLB-0IZ9r0dioY9fMrbCq7mHSBlHzT6cZ03EpdCG_b17qhidLtPIUUFGH90Uh6eoyd5uipW58eg2qrN81bGE
itsm-login.vpbank.com.vn/ Name: XSRF-TOKEN
Value: 7ed43ea3-e1a3-41c9-9f34-ab629dc57fa7.pZZceheZeZJwpq2bs1YongfBMj44ywQlOIa5mH5b/tE=
.vpbank.com.vn/ Name: _hp2_id.870388005
Value: %7B%22userId%22%3A%227054621833819783%22%2C%22pageviewId%22%3A%221151846780547167%22%2C%22sessionId%22%3A%227493396476131106%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.vpbank.com.vn/ Name: _cs_c
Value: 1
.vpbank.com.vn/ Name: _cs_id
Value: 56951011-29e7-ac36-fbc5-0af031077706.1745625152.1.1745625152.1745625152.1734932206.1779789152287.1.x
.vpbank.com.vn/ Name: _cs_s
Value: 1.0.0.9.1745626952301
.vpbank.com.vn/ Name: _hp2_ses_props.870388005
Value: %7B%22r%22%3A%22https%3A%2F%2Fitsm-login.vpbank.com.vn%2F%22%2C%22ts%22%3A1745625152198%2C%22d%22%3A%22itsm-login.vpbank.com.vn%22%2C%22h%22%3A%22%2Flogin%22%2C%22q%22%3A%22%3Fredirect_uri%3Dhttps%253A%252F%252Fitsm-login.vpbank.com.vn%252F%22%7D

5 Console Messages

Source Level URL
Text
network error URL: https://itsm-login.vpbank.com.vn/api/v2/users/current?include=products
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://itsm-login.vpbank.com.vn/api/v2/bundles?include=bundle_types
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://itsm-login.vpbank.com.vn/api/v2/organisations/-/summary
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://itsm-login.vpbank.com.vn/api/v2/accounts
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://itsm-login.vpbank.com.vn/api/v2/users/current?include=products
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatar1.freshworks.com
browser.sentry-cdn.com
c.contentsquare.net
cdn.heapanalytics.com
dash.freshworks.com
fe-perf-assets.freshworks.com
fonts.gstatic.com
heapanalytics.com
itsm-login.vpbank.com.vn
rum.haystack.es
t.contentsquare.net
www.gstatic.com
www.recaptcha.net
cdn.heapanalytics.com
itsm-login.vpbank.com.vn
www.recaptcha.net
108.158.20.96
108.158.32.22
142.250.66.195
142.250.67.3
151.101.66.217
162.159.140.147
172.217.167.67
18.67.110.108
18.67.110.24
18.67.110.69
3.215.254.142
44.211.0.243
52.64.37.175
0b1bf0ba071662ebd49cde2146940aaf3e1ddd6eed66889a88e6c3cf14880cfd
0c66ac97739cc86688fe22600cb5ca47d4f82dba4dda60c56edeeb267f0d3bcc
0eafc028ea3706be7145cfcaeed3edca46c3cc7656ed0a45faa400b0ebcf040d
0eb39499cf9139de9c3181d918423ec45b93250313f7ff01d8df10354ed66e74
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2348e732994608ec14b3cc8f61553dfbf10f33a5b7c5d0ed9bd0e7415cda0fa7
28401f3054687cd3239a8c482901a551e746e32375f748a9f32c726a8b8e50e5
2c0c6b542b105cb63005814da18e3a5c31fb2f72e8a1a63987e1e4e0dc9e7710
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
39ff447c8c1dd7ac97fc6fe28e21bdfffc68d6ef3ea00699eee5881faae72cd3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57a7b11dade0d9f5e1337d8ebcba1d9cc45c74c1a47260aec1b790db5f90f7b1
58299a576afb23d03133dab28831b151bec0fb5ffa00a65cec72604b19c0b148
58c977f54c8a264a97b1508fea7a3f7248c8a0d1da4b29062a30cdfcbb550c97
58d1f2b3b90dc11bc622b1609ac93551f03c2bf0e026926135bd234c94023704
59808220f6bc19621e6977fdd9ae6ca385500644e1764458d01f8bd4c1634662
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6d1c9cddce9bb034539727e1f7d23f10ce79595c2de3cc92ac741e936729a5c6
73061c6f3f14faaa251850bd9797a2eec17a860e0a3eda342d3d50d4bc951f73
7a8848dda67357b86dcef16de92dcd1d71a5960b584b27aa3d39204aeafe8c83
8580b2aef95a1f8978fc5e431c4738d958d3f5ff9e27929d2eec676939e3a38f
87687ce1efa7e9e0f27ed1921aa427749655ee5a87e0f495207205a66048da17
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8fe38bf9e492c8fe794873b0471c95a76c44e46c9486fca2213823617ae63759
95077a0ed809e4e397e218bb457db8702a90e5548db7aecb7b0b8cdf3a558e47
98b4602d89c0700e98d11cafd977b74938d58c28f5e1ae383326c774fa79c7ab
a0681a338f684a3347de96773e7744e32e29448f8a45707187fde6c562690a64
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c30a29708ef9082825242f7847f63831c19161ab04709617aa13050cc5099f46
c65fe6b5771f53ab97bab51c37fbfd2c593f05e8e1a829fc23125fc434222559
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
df9ba68d42165aec709895b126795de4bc8946c2d1023888aeeb225dee93a56d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98489a94ec8bcb6bd5cc406b6eb220b38f8af8c06ee72d2bafc93d8a13d5e46
ea005255887a1f2fb463bea2d81c29b10ee744d70dc93e27e7ab61d706cf303f
f00f549d1cffd7138b76f87f0d142744290154b5a7f97409242d003244bcb41e