live.vcita.com Open in urlscan Pro
104.18.7.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clickme.vcita.com/ls/click?upn=u001.MFYqxYI6UpOPHwmbk2R0hD4tg9s1jk7SzdZjItYcEBMetDv2VkRKd4L2X-2Btvm-2FxDcg5Yv5pE-2...
Effective URL:
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagemen...
Submission: On May 01 via manual (May 1st 2024, 5:02:00 pm UTC) from SG — Scanned from SG

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 75 HTTP transactions. The main IP is 104.18.7.170, located in and belongs to CLOUDFLARENET, US. The main domain is live.vcita.com. The Cisco Umbrella rank of the primary domain is 678666.
TLS certificate: Issued by GTS CA 1P5 on April 23rd 2024. Valid for: 3 months.

This is the only time live.vcita.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.156.133.123 108.156.133.123	16509 (AMAZON-02) (AMAZON-02)
2 15	104.18.7.170 104.18.7.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	104.18.26.3 104.18.26.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	74.125.68.95 74.125.68.95	15169 (GOOGLE) (GOOGLE)
1 1	108.158.4.72 108.158.4.72	16509 (AMAZON-02) (AMAZON-02)
1	138.199.46.67 138.199.46.67	60068 (CDN77 _) (CDN77 _)
6	13.225.0.83 13.225.0.83	16509 (AMAZON-02) (AMAZON-02)
1	13.33.47.12 13.33.47.12	16509 (AMAZON-02) (AMAZON-02)
4	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
3	23.202.128.182 23.202.128.182	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.65.137 151.101.65.137	54113 (FASTLY) (FASTLY)
1	142.251.10.106 142.251.10.106	15169 (GOOGLE) (GOOGLE)
2	13.33.88.13 13.33.88.13	16509 (AMAZON-02) (AMAZON-02)
18	108.156.133.34 108.156.133.34	16509 (AMAZON-02) (AMAZON-02)
1	130.211.5.208 130.211.5.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
1	104.18.27.3 104.18.27.3	() ()
75	17

1 108.156.133.123 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-123.sin2.r.cloudfront.net

clickme.vcita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.7.170 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

live.vcita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients.vcita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.vcita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.26.3 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.vcita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.4.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-158-4-72.sin2.r.cloudfront.net

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.46.67 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 138-199-46-67.bunnyinfra.net

cdn.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.0.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-0-83.sin52.r.cloudfront.net

d27yogw9sew6u9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.47.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-47-12.sin2.r.cloudfront.net

d2ra6nuwn69ktl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.202.128.182 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-128-182.deploy.static.akamaitechnologies.com

c15117557.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-13.sin2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 108.156.133.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-34.sin2.r.cloudfront.net

djbvmk5k5vh9e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.3 (None, )

ASN- ()

api.vcita.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	vcita.com 5 redirects clickme.vcita.com — Cisco Umbrella Rank: 888568 live.vcita.com — Cisco Umbrella Rank: 678666 www.vcita.com — Cisco Umbrella Rank: 74060 clients.vcita.com — Cisco Umbrella Rank: 651669 api2.vcita.com — Cisco Umbrella Rank: 315348	37 KB
26	cloudfront.net 1 redirects d1azc1qln24ryf.cloudfront.net d27yogw9sew6u9.cloudfront.net d2ra6nuwn69ktl.cloudfront.net djbvmk5k5vh9e.cloudfront.net	3 MB
5	gstatic.com fonts.gstatic.com	47 KB
4	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 817	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 maps.googleapis.com — Cisco Umbrella Rank: 362	81 KB
3	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2501	114 KB
3	rackcdn.com c15117557.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 129188	10 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 1162	167 KB
1	vcita.biz api.vcita.biz
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3832	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	icomoon.io cdn.icomoon.io — Cisco Umbrella Rank: 13599	3 KB
75	12

	Domain	Requested by
18	djbvmk5k5vh9e.cloudfront.net	clients.vcita.com djbvmk5k5vh9e.cloudfront.net
11	www.vcita.com	2 redirects d27yogw9sew6u9.cloudfront.net live.vcita.com static.cloudflareinsights.com www.vcita.com
7	api2.vcita.com	djbvmk5k5vh9e.cloudfront.net
6	d27yogw9sew6u9.cloudfront.net	live.vcita.com d27yogw9sew6u9.cloudfront.net
6	live.vcita.com	2 redirects live.vcita.com static.cloudflareinsights.com
5	fonts.gstatic.com	fonts.googleapis.com
4	static.cloudflareinsights.com	live.vcita.com www.vcita.com clients.vcita.com
3	res.cloudinary.com	live.vcita.com clients.vcita.com
3	c15117557.ssl.cf2.rackcdn.com	live.vcita.com djbvmk5k5vh9e.cloudfront.net
2	maps.googleapis.com	djbvmk5k5vh9e.cloudfront.net
2	js.stripe.com	clients.vcita.com js.stripe.com
2	clients.vcita.com	d27yogw9sew6u9.cloudfront.net djbvmk5k5vh9e.cloudfront.net
2	fonts.googleapis.com	live.vcita.com clients.vcita.com
1	api.vcita.biz	djbvmk5k5vh9e.cloudfront.net
1	cdn.mxpnl.com	djbvmk5k5vh9e.cloudfront.net
1	www.google.com	d27yogw9sew6u9.cloudfront.net
1	d2ra6nuwn69ktl.cloudfront.net	live.vcita.com
1	cdn.icomoon.io	live.vcita.com
1	d1azc1qln24ryf.cloudfront.net	1 redirects
1	clickme.vcita.com	1 redirects
75	20

This site contains no links.

Subject Issuer	Validity	Valid
vcita.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
www.vcita.com GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-27`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
api.vcita.biz GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Frame ID: F04FF640BF61001E90A2B42A790230A0
Requests: 18 HTTP requests in this frame

Frame: https://live.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: EAD58965816D7BD50517784F83AE2257
Requests: 2 HTTP requests in this frame

Frame: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate
Frame ID: 309434BA46C42D77B5C0E37B9276D2F5
Requests: 7 HTTP requests in this frame

Frame: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Frame ID: 7B7CBAE6515AC963EF1476A1964A8C0C
Requests: 38 HTTP requests in this frame

Frame: https://www.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 51FB3AC8DA651BFE4C482BD0869DD804
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyCE9OftC4I-tJbUqtItGI76CX87RY-h2aU&q=hi%20hi}
Frame ID: 5E8D162215468F950786BEAAB959D65A
Requests: 1 HTTP requests in this frame

Frame: https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 81FF2866255865B87AD6ED54629614D8
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2D44C9895C6B874C9EF45220A32A86A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best-Buy-Solution, +1 813 776 1410

Page URL History Show full URLs

https://clickme.vcita.com/ls/click?upn=u001.MFYqxYI6UpOPHwmbk2R0hD4tg9s1jk7SzdZjItYcEBMetDv2VkRKd4L2X-... HTTP 302
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?token=DMah7NXvEQ5BGGzbaHfq&from_email=true&requ... HTTP 302
https://www.vcita.com/v/qac9nj8ifzmr5ryy/home?token=DMah7NXvEQ5BGGzbaHfq&return_to=https%3A%2F%2Fl... HTTP 302
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooq... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

75
Requests

91 %
HTTPS

0 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

3241 kB
Transfer

9900 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clickme.vcita.com/ls/click?upn=u001.MFYqxYI6UpOPHwmbk2R0hD4tg9s1jk7SzdZjItYcEBMetDv2VkRKd4L2X-2Btvm-2FxDcg5Yv5pE-2FDYVzRsVtFMSFVXAWcF-2Be-2Ff0iMuqJ38Dd09opQGZrcSwhe9hi6Y4PDbd-2BqH1nohXBZyJzzshgFwMJS1kw6Fa2Sk70Mzb4-2B7Lure6au6Y-2BG1Guk1hJAExCxorYUBTeuTaPYDdcnkIE1t4Oq8lFtRzHq7T6R5sQ0h-2BzxRzVj-2BWpv6pbQWLFpQ3h18jzBa0uhN-2FBAE4bgaT5zLHUEf8kv-2FmqlV5knk85LHHh6aTM01ummT2nBovlEI6PV9mus6pvU0t-2BMvKDPxbDU3awJK6h0XzkSSVOgwWX99u6Cx5HOXcnb2BW2eDTm0TGFArzQej4Ya8l4VKOkvRPm22iSQsGg2uXs76DUd0TjuohQmmkrq3AMfIKNDpPDEyiTlZDAJ7FHpcBhjyaO6-2FVxrKjqNbnWAYQLRMLyNOuoM8oIU-3DH_hJ_JldpX0Kh8GmjTYy9uQNf0H03deET7OY8RefWUiTeTiTj-2FVV3g2j99Z08z3d1E4iQ8GbLit6ZoUnYQxmWaxJMysx2rhjSwfbkYqwuW2W-2Fds1URfnvHlQtMgVDH9AUsF4vhpvzOLLmiHzzmjhOXp0YbJnzbyVco2Kq6oaqp-2BPFJJhqa273pNl09WYMDAV213M-2Fz6FyBpTsN0IZ4OGqULyW9TkrCYhtudad8Dv71eSjyi8G3VlKynPVlh3dw848PaTWBvkas6acyZzM4-2FIJ00Nh7sEDtcPVHZ0n-2BlCvQr6Xs2Pjjjobu0VmW0dPXAuHFIR6l-2FxKmx8HpidvqLeHJXMd2UefI-2BHZkHkrFgWX75HeUhFWqJ-2BM-2B-2BATJai0M6MLIcSW HTTP 302
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?token=DMah7NXvEQ5BGGzbaHfq&from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false HTTP 302
https://www.vcita.com/v/qac9nj8ifzmr5ryy/home?token=DMah7NXvEQ5BGGzbaHfq&return_to=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices%2Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26pay%3Dfalse HTTP 302
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://d1azc1qln24ryf.cloudfront.net/165482/Vitrage/style-cf.css?4zicvr?1.0-ART-8bb8c820781223b4b03cca66856153aa HTTP 302
https://cdn.icomoon.io/165482/Vitrage/style-cf.css

Request Chain 9

https://live.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://live.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Request Chain 20

https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request action Show response
live.vcita.com/site/qac9nj8ifzmr5ryy/
Redirect Chain

https://clickme.vcita.com/ls/click?upn=u001.MFYqxYI6UpOPHwmbk2R0hD4tg9s1jk7SzdZjItYcEBMetDv2VkRKd4L2X-2Btvm-2FxDcg5Yv5pE-2FDYVzRsVtFMSFVXAWcF-2Be-2Ff0iMuqJ38Dd09opQGZrcSwhe9hi6Y4PDbd-2BqH1nohXBZyJz...
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?token=DMah7NXvEQ5BGGzbaHfq&from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow...
https://www.vcita.com/v/qac9nj8ifzmr5ryy/home?token=DMah7NXvEQ5BGGzbaHfq&return_to=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices...
https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=m...

27 KB
8 KB

379ms
379ms

Document
text/html

104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0ab113e3cf272c2748c0ddbf8a0fc6f9115ff04b29a5df6f0fd74fc3136ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-expose-headers: X-Platform
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87d15600ae3aa02d-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 17:01:52 GMT
p3p: CP="CAO PSA OUR"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
status: 200 OK
x-amzn-trace-id: f1480e8b129cbb0f0a1cbfd27cd3938c
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-platform: true
x-request-id: c8c1e1d01908d7a23af730a6a6860da4
x-runtime: 0.010466
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 87d155fa4a699c21-SIN
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 17:01:52 GMT
location: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server: cloudflare
status: 302 Found
x-frame-options: ALLOWALL
x-rack-cache: miss
x-request-id: f0ab4b5cfd1b68bde8282d5c203da2a9
x-runtime: 0.108845
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 546ms
49ms Stylesheet
text/css 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 17:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 16:51:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 17:01:52 GMT

GET
H2

200

style-cf.css
cdn.icomoon.io/165482/Vitrage/
Redirect Chain

https://d1azc1qln24ryf.cloudfront.net/165482/Vitrage/style-cf.css?4zicvr?1.0-ART-8bb8c820781223b4b03cca66856153aa
https://cdn.icomoon.io/165482/Vitrage/style-cf.css

13 KB
3 KB

616ms
123ms

Stylesheet
text/css

138.199.46.67
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.icomoon.io/165482/Vitrage/style-cf.css
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Server: 138.199.46.67 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-46-67.bunnyinfra.net
Software: BunnyCDN-SG1-869 /
Resource Hash: 70973ded0c5fce89c6fd4ac5440077e68158f374e5f01cd3f5738dcb9a135ef2

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://live.vcita.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 17:01:53 GMT
content-encoding: br
cdn-edgestorageid: 944
cdn-cachedat: 04/15/2024 22:46:32
cdn-pullzone: 1460617
last-modified: Thu, 20 Jul 2023 12:43:44 GMT
server: BunnyCDN-SG1-869
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"4a9dd236d6f15bb240427bb327ea9482"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 573d418e5d5cf0a263f4232cf0e308f4
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Wed, 01 May 2024 17:01:52 GMT
via: 1.1 1e6d2b7781bdded089f18a79a3020a62.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P3
vary: Origin
x-cache: FunctionGeneratedResponse from cloudfront
location: https://cdn.icomoon.io/165482/Vitrage/style-cf.css
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: k0k0vist41vN2gMjr88E-yQoSuWuPgVHSwBM5c_CRukplILlLBxtvQ==

GET
H2 200 vendor-abb98304066173eda1ce9d72453571ac623d64e2074b1b60a309c146848f8d28.css
d27yogw9sew6u9.cloudfront.net/site/assets/ 196 KB
25 KB 232ms
85ms Stylesheet
text/css 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-abb98304066173eda1ce9d72453571ac623d64e2074b1b60a309c146848f8d28.css
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d7b8f4fac61ab33ed4f14e0f9fe4dbdc98633267df1ea75add4bec949b6e8e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: oSTK7M84SujVKtCoPZnPh38mlMReY6GB
content-encoding: gzip
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 01:43:33 GMT
last-modified: Wed, 10 Apr 2024 08:01:04 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 55976
x-amz-server-side-encryption: AES256
etag: W/"162e6c20e1aae95bbaad4c311613cba1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
x-amz-cf-id: 1VHiWic9n_4SzmKGF4ZPo0MgvSWy5qcue4D7N2uoqN0CW2bAEJ1Ajg==

GET
H2 200 application-feecda73627d82e74f4101c4aaf31efcf71c3997e8a4ba697c3d9ce6a36339a6.css
d27yogw9sew6u9.cloudfront.net/site/assets/ 66 KB
13 KB 200ms
53ms Stylesheet
text/css 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/application-feecda73627d82e74f4101c4aaf31efcf71c3997e8a4ba697c3d9ce6a36339a6.css
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e99a0c301ded3af0ad3e5ccdee4d2977a9470a97c7fa506a4a296de6cf1126e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: HC.Rmt4ooGPQ9ekU6dPJUu18TTVHbRAU
content-encoding: gzip
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 00:44:41 GMT
last-modified: Wed, 10 Apr 2024 08:01:02 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 58632
x-amz-server-side-encryption: AES256
etag: W/"c87e70469af4bc1af024ffc148d42d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
x-amz-cf-id: FK0Lxo4wJGeNKxFka0F0_w0t0OTE1iknbWBiiKklfx62cay-K3fysw==

GET
H2 200 vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js Show response
d27yogw9sew6u9.cloudfront.net/site/assets/ 1 MB
363 KB 202ms
55ms Script
application/x-javascript 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdbf5910788c62244e3ff8b0ad8dc95f31dfda9d7f4a2ebb7b8a587ccb99972f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 03:47:39 GMT
x-amz-version-id: rVMJkIvvSrxC5s8hjDpIyh1RaM44Jynz
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 08:01:04 GMT
server: AmazonS3
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"f96beb4940c38b291ddf9f053a231e4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
age: 47654
x-amz-replication-status: COMPLETED
x-amz-cf-id: _fOrrCvPtfQlsciCR9voFJRWXq5e8SXk90kapmkxNylbsh3wNNnM9Q==

GET
H2 200 application-cfca119d03d30f877805cb22d1d05ae1efbc4e7aaff7a25238070b82af74b74f.js Show response
d27yogw9sew6u9.cloudfront.net/site/assets/ 332 KB
63 KB 229ms
82ms Script
application/x-javascript 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/application-cfca119d03d30f877805cb22d1d05ae1efbc4e7aaff7a25238070b82af74b74f.js
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9934604c73c12cab5bc62105b25f7b414f23defe8573e28e77264495f47778b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 03:47:39 GMT
x-amz-version-id: OI_DSqxEg23CMPbE3S0lwO0yEHwCLbHD
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 08:01:02 GMT
server: AmazonS3
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"600a06aa43eb04d851ab8fdd9f592db3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
age: 47654
x-amz-replication-status: COMPLETED
x-amz-cf-id: lWQFFTsVZidPn4tb1mbJYaRto9l_v-DTTdz-01ojEQHrAz7lpuCD-Q==

GET
H2 200 livesite.js Show response
d2ra6nuwn69ktl.cloudfront.net/assets/ 179 KB
59 KB 195ms
48ms Script
application/x-javascript 13.33.47.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?ver=1714582912
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.47.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-47-12.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ETO9QzZ52idHFK7yqgyzvMEnlf45SPNR
content-encoding: gzip
via: 1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 09:00:06 GMT
last-modified: Wed, 24 Apr 2024 11:35:15 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 65018
x-amz-server-side-encryption: AES256
etag: W/"c99ad10a6956108fd9a07f8a1c843444"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: mYj6Ke2YfkJOJgPw_Jg3S9RjVcwBX23SVhcGtg6MtlMy6mCECIpemg==

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 668ms
175ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=/invoices/k52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Origin: https://live.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87d15609cc403f73-SIN

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 586ms
50ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://live.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 14:05:30 GMT
x-content-type-options: nosniff
age: 528984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Apr 2025 14:05:30 GMT

GET
H2

200

main.js Show response
live.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame EAD5
Redirect Chain

https://live.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://live.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

118ms
118ms

Script
application/javascript

104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Requested by

Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false

Protocol

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c096faad642f29dd0b84dab6717bf8e7719a213e0a8e1a73f82259c8696966

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87d1560c6f4ca02d-SIN

Redirect headers

date: Wed, 01 May 2024 17:01:53 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 87d1560afe4fa02d-SIN
content-length: 0

GET
H2 200 icons-20-58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126.svg Show response
d27yogw9sew6u9.cloudfront.net/site/assets/icons/ 2 KB
2 KB 150ms
45ms XHR
image/svg+xml 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/icons/icons-20-58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126.svg
Requested by: Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OUqIogyOQpM.uNAUP79_9_iPYPegKK7C
content-encoding: gzip
via: 1.1 f89fcc37b128414167e80016d2f77972.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 07:07:13 GMT
x-amz-cf-pop: SIN52-C2
age: 58632
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 10 Apr 2024 08:01:03 GMT
server: AmazonS3
etag: W/"1d0884d6314b2fcdfc3a25c309085877"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: dA1EPFAKRwy3U_gVxCBkCLlGgcOj-CxzrRrvyz_lxnL4uxBtODWLPQ==

GET
H2 200 active_engage_gate Show response
www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/ Frame 3094 3 KB
2 KB 580ms
580ms Document
text/html 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate

Requested by

Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d54c2e2518b2cff25c8a09239375842f02c3ce9bef65db4097e36d7d94a83b1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://live.vcita.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: must-revalidate, private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 87d1560bcec99c21-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 17:01:54 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server: cloudflare
status: 200 OK
x-frame-options: ALLOWALL
x-rack-cache: miss
x-request-id: 890951d68aafbab780bb6db46c2fbd70
x-runtime: 0.167408
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 15-05395fad7f38e493636cd48750c185d5c2e03f3b6cf5eeab8a8779da0facfe92.jpg
d27yogw9sew6u9.cloudfront.net/site/assets/livesite_backgrounds/ 582 KB
583 KB 52ms
52ms Image
image/jpeg 13.225.0.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/livesite_backgrounds/15-05395fad7f38e493636cd48750c185d5c2e03f3b6cf5eeab8a8779da0facfe92.jpg
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-83.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05395fad7f38e493636cd48750c185d5c2e03f3b6cf5eeab8a8779da0facfe92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 01:19:14 GMT
x-amz-version-id: bLldPbnJFIS_XHjnTkcWrT.vUHs6Sghv
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 08:01:03 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 56560
etag: "5fe274764aae665e2912c4195429235a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 595675
x-amz-cf-id: oBOv8i0wmUAlo9vc3xN_d9KCj4FoHp_2AwVJhLZf6F57O3NVbrD2vg==

GET
H2 200 i
www.vcita.com/tr_pics/ 43 B
1 KB 920ms
918ms Image
image/gif 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vcita.com/tr_pics/i?p=2195076&o=Y29udGFjdCBwYWdl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline
content-length: 43
x-request-id: 63e8d1996c60515b869b67ada87b784d
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
x-runtime: 0.010878
server: cloudflare
x-frame-options: ALLOWALL
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
cf-ray: 87d1560c5f8b9c21-SIN
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/ 9 KB
10 KB 1148ms
120ms Image
image/jpeg 23.202.128.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.202.128.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-128-182.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6811cc97397dc63852d6399794f13da20da37501c6e15fa1f632e9514927b50f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 17:01:55 GMT
Last-Modified: Fri, 26 Apr 2024 17:28:08 GMT
ETag: e41a2031df12c41d5b9d0dae099c48bc
Content-Type: image/jpeg
X-Timestamp: 1714152487.07088
Cache-Control: public, max-age=257393
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9392
X-Trans-Id: txd219eea2eade4839a20c3-0066326ea2ord1
Expires: Sat, 04 May 2024 16:31:48 GMT

GET
H2 200 default_staff_image_ufcouk
res.cloudinary.com/livesite/image/upload/v1/LivesiteImages/yz94sxbq2x6q68nu/about/ 9 KB
9 KB 655ms
51ms Image
image/jpeg 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/livesite/image/upload/v1/LivesiteImages/yz94sxbq2x6q68nu/about/default_staff_image_ufcouk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c99fe3f1efde07dcbfb56df3ba1edaac56efb2d62f5f19ded04868488db8228c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sun, 01 May 2016 08:17:49 GMT
server: Cloudinary
etag: "6b6af18affc690dcdffeb51f2c64422f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=3;cpu=2;start=2024-05-01T17:01:54.569Z;desc=hit,rtt;dur=39
accept-ranges: bytes
timing-allow-origin: *
content-length: 9152

GET
H2 200 message2
res.cloudinary.com/livesite/image/upload/v1/Action%20images/Message/ 61 KB
61 KB 590ms
54ms Image
image/jpeg 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/livesite/image/upload/v1/Action%20images/Message/message2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2b73987c4e8717f685c1c3af09e1f326d1dfe402c0aea84730bb57aa98cecb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 14 Apr 2016 11:49:51 GMT
server: Cloudinary
etag: "0cfb3c13da3a76e98ceaf61ffd6b6b8d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=4;cpu=3;start=2024-05-01T17:01:54.569Z;desc=hit,rtt;dur=39
accept-ranges: bytes
timing-allow-origin: *
content-length: 62704

POST
H2 200 87d15600ae3aa02d Show response
live.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EAD5 0
254 B 220ms
219ms XHR
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/87d15600ae3aa02d
Requested by: Host: live.vcita.com
URL: https://live.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
server: cloudflare
cf-ray: 87d1560dc886a02d-SIN
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3094 19 KB
0 0ms
0ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: www.vcita.com
URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.vcita.com/
Origin: https://www.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87d15609cc403f73-SIN

GET
H2 200 qac9nj8ifzmr5ryy Show response
clients.vcita.com/portal/ Frame 7B7C 24 KB
7 KB 956ms
937ms Document
text/html 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Requested by: Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 39859ec34abc8efc0e8b7c077658d666f362565d0268cdfca78c8b19ecade0f9

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://live.vcita.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: X-Platform
cf-cache-status: DYNAMIC
cf-ray: 87d156100a7fa02d-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 17:01:55 GMT
server: cloudflare
x-platform: true
x-powered-by: Express

GET
H2

200

main.js Show response
www.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 51FB
Redirect Chain

https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

172ms
172ms

Script
application/javascript

104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Requested by

Protocol

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c096faad642f29dd0b84dab6717bf8e7719a213e0a8e1a73f82259c8696966

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87d156111bf69c21-SIN

Redirect headers

date: Wed, 01 May 2024 17:01:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control: max-age=300, public
cf-ray: 87d1560ffade9c21-SIN
content-length: 0

POST
H2 204 rum Show response
www.vcita.com/cdn-cgi/ Frame 3094 0
170 B 127ms
127ms XHR
text/plain 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vcita.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87d1560ffadf9c21-SIN

POST
H2 200 87d1560bcec99c21 Show response
www.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 51FB 0
498 B 113ms
112ms XHR
text/plain 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/87d1560bcec99c21
Requested by: Host: www.vcita.com
URL: https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
server: cloudflare
cf-ray: 87d156124d5f9c21-SIN
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 active_engage_gate Show response
www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/ Frame 3094 3 KB
3 KB 438ms
437ms Document
text/html 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate

Requested by

Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eceb1abce669110dcf5c1f43b5a67d5c5c2d9b44daeffa00827f39d61f23e533

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://live.vcita.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: must-revalidate, private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 87d156128dac9c21-SIN
content-encoding: gzip
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=tVdBhlRgETlArEkb3bnE1SyjSfrKrVaQIXdoNSaBJJY-1714582915-1.0.1.1-_j5gHPvC9Jt7D_8UxHVM9EqsNeU6bs8.sPFRYAd.suuMw4WOKOB8PPBCARWtN63ufxVD1_nVSeTGX5QZoeAdXAP9dzmLumlF9y27ezlG8is8Jc9D05czZxAN8MCsQUr9ZJtqN8wxBPKbjSQX8B1Y7g; report-to cf-csp-endpoint
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 17:01:55 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=tVdBhlRgETlArEkb3bnE1SyjSfrKrVaQIXdoNSaBJJY-1714582915-1.0.1.1-_j5gHPvC9Jt7D_8UxHVM9EqsNeU6bs8.sPFRYAd.suuMw4WOKOB8PPBCARWtN63ufxVD1_nVSeTGX5QZoeAdXAP9dzmLumlF9y27ezlG8is8Jc9D05czZxAN8MCsQUr9ZJtqN8wxBPKbjSQX8B1Y7g"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
status: 200 OK
x-frame-options: ALLOWALL
x-rack-cache: miss
x-request-id: 0b7adddfa0c7efd67f02696a88f879c3
x-runtime: 0.018275
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 place
www.google.com/maps/embed/v1/ Frame 5E8D 0
0 997ms
594ms Document
text/html 142.251.10.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyCE9OftC4I-tJbUqtItGI76CX87RY-h2aU&q=hi%20hi}

Requested by

Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/application-cfca119d03d30f877805cb22d1d05ae1efbc4e7aaff7a25238070b82af74b74f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f106.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-t0hDT11OAvXA-OrzUGifgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://live.vcita.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1294
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-t0hDT11OAvXA-OrzUGifgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Wed, 01 May 2024 17:01:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

POST rum
www.vcita.com/cdn-cgi/ Frame 3094 0
0

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3094 19 KB
0 0ms
0ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: www.vcita.com
URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.vcita.com/
Origin: https://www.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87d15609cc403f73-SIN

GET
H2 200 main.js Show response
www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame 81FF 8 KB
0 172ms
172ms Script
application/javascript 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Protocol

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c096faad642f29dd0b84dab6717bf8e7719a213e0a8e1a73f82259c8696966

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87d156111bf69c21-SIN

POST
H2 200 87d156128dac9c21 Show response
www.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 81FF 0
467 B 100ms
100ms XHR
text/plain 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vcita.com/cdn-cgi/challenge-platform/h/g/jsd/r/87d156128dac9c21
Requested by: Host: www.vcita.com
URL: https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 May 2024 17:01:55 GMT
server: cloudflare
cf-ray: 87d15615c9669c21-SIN
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 204 rum Show response
www.vcita.com/cdn-cgi/ Frame 3094 0
37 B 92ms
91ms XHR
text/plain 104.18.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vcita.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 May 2024 17:01:55 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vcita.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87d15615c9699c21-SIN

GET
H2 200 css
fonts.googleapis.com/ Frame 7B7C 4 KB
559 B 51ms
49ms Stylesheet
text/css 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

ESF /

Resource Hash

c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 17:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 15:08:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 17:01:55 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 7B7C 602 KB
167 KB 201ms
53ms Script
text/javascript 13.33.88.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-13.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a960f7bc548115a971849f5e4fad2b1a8859194c970dd5c0b6c07d34d89b7029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:46 GMT
content-encoding: gzip
via: 1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 40
x-amz-cf-pop: SIN2-P2
x-cache: Hit from cloudfront
last-modified: Tue, 30 Apr 2024 20:41:32 GMT
server: Cloudfront
etag: W/"a35d2c08b19a3fd0dfbfcfe08bac6c2c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 28sl0Ti3c63inl39jPjDqQT_6SNFtxFSShTJoCntolKqEyFVFbYt_A==

GET
H2 200 index.96554c30.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 4 MB
668 KB 520ms
53ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Requested by: Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6581df55cacd11d37c644517003eff1d9be61320d7996811d010ecb794545296

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:00:04 GMT
x-amz-version-id: WLW8Q7tDC0q2OQleFVdbT5__wS0Exhnm
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:40 GMT
server: AmazonS3
etag: W/"79de420cf5d1f7fa0a760143d59db297"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: sId2CB0uO6MI4ZCDfW-t0zj3kC5jHaG4Nn_o3-jqPPtYRlFt50W71A==

GET
H2 200 vueComponentNormalizer.3afe50b9.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 66 KB
25 KB 516ms
50ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/vueComponentNormalizer.3afe50b9.js
Requested by: Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f450b669b7885c1b3fa5f61a0c4c5dc7ab673ed97eeadc626bdcdaf41ed0d68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rXPUyGyZnD4eCEpp5IrGXPz3ozj7fjD0
content-encoding: gzip
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 10:42:31 GMT
x-amz-cf-pop: SIN2-P4
age: 22765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:06 GMT
server: AmazonS3
etag: W/"e0c5cf5fc1897e9e208885be0a0bd19c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: AUGQBCyRbwd9nIbNERG3XIARCTEsgmTFEJUpVpJM4M7pE_BmkEJ55A==

GET
H2 200 index.a542c2c3.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 1 MB
162 KB 520ms
54ms Stylesheet
text/css 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Requested by: Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a542c2c35c73fc473767076d25fce006b33ad80f245753bac8ed2369847537bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7vZoGOdnazWIhrLqUOHAKBnfRx2Z3qCL
content-encoding: gzip
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 02:19:57 GMT
last-modified: Thu, 25 Apr 2024 16:14:05 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 62368
x-amz-server-side-encryption: AES256
etag: W/"686b59c9de1fb89054308702e468be7e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
x-amz-cf-id: 1x2GOKYk3IPL54vPUoU2KLBSqhXqbz9tHvDBlBpLRRHpwJijlnIQaw==

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 7B7C 19 KB
0 1ms
1ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87d15609cc403f73-SIN

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 7B7C 243 KB
79 KB 76ms
75ms Script
text/javascript 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCIsf7LgWftTLtCl-ZbAwY33O7R3PIjTZg&libraries=places&callback=initVGAMaps&language=en

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

2eea52a18df9e33da5f4dc623a10459dd4d43375dd9a8482af5273ebf00e057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80601
x-xss-protection: 0

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ Frame 7B7C 54 KB
19 KB 453ms
47ms Script
text/javascript 130.211.5.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:59:56 GMT
content-encoding: gzip
age: 120
x-guploader-uploadid: ABPtcPrezwfYfRHDhY49nLCdchgkoFAak7sQUV_uoYqEyxHY9m8GIuJrzewUZhxckMQugba345sUsInI2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18793
last-modified: Fri, 26 Apr 2024 20:55:25 GMT
server: UploadServer
etag: "699087d24603faf41a8ef844dd0c55d1"
vary: Accept-Encoding
x-goog-generation: 1714164925156474
x-goog-hash: crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18793
accept-ranges: bytes
expires: Wed, 01 May 2024 17:09:56 GMT

GET
H2 200 PaymentsIndex.27cc2c8a.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 495 B
1000 B 63ms
59ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentsIndex.27cc2c8a.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72d06f278aed78a5165c67798f0589fdaf2ab19d1d5ce4a2da31a34e2c59a5a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:01:19 GMT
x-amz-version-id: xLdUlJOl6IzxrEmtxNcj47Sh8m3B6fC1
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 495
last-modified: Wed, 01 May 2024 07:56:38 GMT
server: AmazonS3
etag: "63b2b74db0b9065b749da3e750e55939"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: X6vtMSKgfVbchongZhu3zPW-7WT-_8BXihR-GtAIfgcheVUcOd1WHg==

GET
H2 200 PaymentEntityPage.76559ead.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 29 KB
7 KB 63ms
60ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentEntityPage.76559ead.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ae98fe67df45b2b56e2fb836854ec33b051c2ba4e415e3b280ef28f273e337f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:01:10 GMT
x-amz-version-id: PjqBq1nLYTe3tkWRRQAATcckuSVEGwjH
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32446
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:38 GMT
server: AmazonS3
etag: W/"6a6b713faaf95e850ebda9f499f403ed"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 9nwpyZUH9yYudsnOzhAs0EkAjFJQgf_kIRO-3ukZvPKQqvAzWxpCCQ==

GET
H2 200 PaymentEntityPage.61979bc9.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 12 KB
3 KB 68ms
64ms Stylesheet
text/css 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentEntityPage.61979bc9.css
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61979bc93cd00c8332c36683ce0529efa97f2b5acf66b1f8e367380dc16bee66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OfAsuYMlbv_Jf9iVJZ25szaz8tGS9xtj
content-encoding: gzip
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 00:02:19 GMT
x-amz-cf-pop: SIN2-P4
age: 61178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:03 GMT
server: AmazonS3
etag: W/"6982e043f136b4de9dd1a89a8e58c17e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: lTzScHUok15aj8KPVLTw6biAozr811xB2fZFMQjrlrEHPnYKp6ULhQ==

GET
H2 200 PaymentItemsList.c3104670.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 10 KB
3 KB 64ms
61ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentItemsList.c3104670.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ca1cdc642c52f8b327621e0f62ab1379e385e79a465190effb1cce8439fafd0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:01:12 GMT
x-amz-version-id: lbL0I0wSXf5meT94qTN6t9noTEGL6l07
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:38 GMT
server: AmazonS3
etag: W/"b842494c9f2ea5f921fb306d0a2d7898"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: XE7Y7EbuQTqXzj9So6KzPYFClWNKmEAg7yAgdI7-tC4ToZMh6oXnQg==

GET
H2 200 PaymentItemsList.4561068f.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 4 KB
2 KB 67ms
65ms Stylesheet
text/css 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentItemsList.4561068f.css
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4561068f35253d6d1629b2dbfd7b76ad9483c481d63be228b0d8708cfd255b00

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yVQj526tSxcNPD2Np_t_R.h.B4o.3Kcg
content-encoding: gzip
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 23:41:46 GMT
x-amz-cf-pop: SIN2-P4
age: 62411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:03 GMT
server: AmazonS3
etag: W/"871c1cb80cc65eda9d0b3160b638d01c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: MaCzbK6_fqt-4MkkrmbyPOlYBDjZbGsWf_0a2x5A9L7wJTRGXBgZlA==

GET
H2 200 paymentsTexts.63952088.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 703 B
1 KB 64ms
62ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/paymentsTexts.63952088.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 877e8d86e577dadb8fa89757a532fdafcf92adfdc7507697f25199361637e095

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:01:23 GMT
x-amz-version-id: JkYS80V_lPPCDCgtNSmf90paHEAxxP1_
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 703
last-modified: Wed, 01 May 2024 07:56:40 GMT
server: AmazonS3
etag: "d84d0ef0a122a7d722275670d988a8e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: APupTnYDQeZ7yKjeRJL49-2--AivjvNtPjBBwJYw06ThKabV_CzJdQ==

GET
H2 200 SignatureDialog.01a39123.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 15 KB
6 KB 64ms
62ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/SignatureDialog.01a39123.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4092490bafa805a2511bcdfae03f5a48d90ded7d181833bb5b27c20c44b6df6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:01:47 GMT
x-amz-version-id: quTkoX6i5qoihNE3fgLisJKgMLQpl4P4
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:38 GMT
server: AmazonS3
etag: W/"9322f465903f9823217ea44b245510c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: gCORE7dytFHsu1KxnM6cx95cXfd259toB2K9Vn9gcisXySU4gYCdXg==

GET
H2 200 SignatureDialog.689f524d.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 3 KB
1 KB 67ms
66ms Stylesheet
text/css 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/SignatureDialog.689f524d.css
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 689f524d4be8c3c81edf98d288ee03455f0965e87900216dc11d68f9fadfd476

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rFtCY2NS_FnkHoDbMzaq0QYRo4Zdnpq8
content-encoding: gzip
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 00:02:32 GMT
x-amz-cf-pop: SIN2-P4
age: 61165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:04 GMT
server: AmazonS3
etag: W/"5c9d5d6a6c11070c7e731276e938ef05"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ZTdnWY-sRnOcmrYdUoOs4cyq3Nf2YRtJBo7Sb7fSsjmb9rANsD4HcQ==

GET
H2 200 CheckoutSummary.a7ab3f69.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 5 KB
2 KB 64ms
62ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/CheckoutSummary.a7ab3f69.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0274f50713674b723951285f47a847f65bc489837788633f75e8d18a07411e7e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:00:23 GMT
x-amz-version-id: Kz63lsD9Kcd5cbxo.Zxr8KTu0AmyygzP
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:36 GMT
server: AmazonS3
etag: W/"e585c3bb825337a902563c08e0dcdbb1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Zw_t7o0ZraTn22kHgoSJI-oNnzy5OTC6dWbgYamCafjIcYlf9TBxRA==

GET
H2 200 CheckoutSummary.44b474b5.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 3 KB
1 KB 66ms
65ms Stylesheet
text/css 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/CheckoutSummary.44b474b5.css
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44b474b58771059cc9ff9f5bc53c1acb7eb156e930c1775139301f79ab22d426

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nxu9.PDW7L1TnkUxIBmGe5B3aHeoHxkn
content-encoding: br
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 04:07:03 GMT
x-amz-cf-pop: SIN2-P4
age: 46494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:02 GMT
server: AmazonS3
etag: W/"1413abb68a9afeebb85281abf31e8bda"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: MEquu8T3PZCLChbDTszfcJpSxmp6UTl2J_a-KulRA6VTi7zz-QkTFA==

GET
H/1.1 200
OK large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/ Frame 7B7C 9 KB
0 0ms
0ms Image
image/jpeg 23.202.128.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/vueComponentNormalizer.3afe50b9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.202.128.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-128-182.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6811cc97397dc63852d6399794f13da20da37501c6e15fa1f632e9514927b50f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 17:01:55 GMT
Last-Modified: Fri, 26 Apr 2024 17:28:08 GMT
ETag: e41a2031df12c41d5b9d0dae099c48bc
Content-Type: image/jpeg
X-Timestamp: 1714152487.07088
Cache-Control: public, max-age=257393
Accept-Ranges: bytes
Content-Length: 9392
X-Trans-Id: txd219eea2eade4839a20c3-0066326ea2ord1
Expires: Sat, 04 May 2024 16:31:48 GMT

GET
H2 200 FeatureImage_Geek_Squad_b6d80q
res.cloudinary.com/livesite/image/upload/c_fill,w_1024/v1/LivesiteImages/qac9nj8ifzmr5ryy/cover/ Frame 7B7C 43 KB
43 KB 50ms
49ms Image
image/jpeg 151.101.65.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/livesite/image/upload/c_fill,w_1024/v1/LivesiteImages/qac9nj8ifzmr5ryy/cover/FeatureImage_Geek_Squad_b6d80q

Requested by

Host: clients.vcita.com
URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e6b87b1dbb2e6dc02e962e4a8a97193d09875557a6fc0ccf828c6c301db90ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2024 17:38:44 GMT
server: Cloudinary
etag: "07455f61f6865cd4848ffb22a26cc54f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-fastly;dur=2;cpu=0;start=2024-05-01T17:01:56.544Z;desc=hit,rtt;dur=6,content-info;desc="width=1024,height=683,bytes=44149,owidth=900,oheight=600,obytes=11667,ef=(1,17,23)"
accept-ranges: bytes
timing-allow-origin: *
content-length: 44149

GET
H2 200 fa-solid-900.f350c708.woff2
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 321 KB
322 KB 50ms
48ms Font
application/octet-stream 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/fa-solid-900.f350c708.woff2
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7w709zWd2g7GoOJfeEF1GRcE9eAJT7jS
date: Wed, 01 May 2024 05:15:40 GMT
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 42377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 329204
last-modified: Thu, 25 Apr 2024 16:14:05 GMT
server: AmazonS3
etag: "6ebcf9f18ded9c54f71ec1198c32aa52"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: I-mzGVWLttdsSc1VD_Wm8wY5LRyEIsjqFbITM9KXBiTKog_KY8gtHg==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 7B7C 8 KB
8 KB 55ms
54ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:17:34 GMT
x-content-type-options: nosniff
age: 24262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 10:17:34 GMT

GET
H2 200 virtual_pwa-register.e5f8f46c.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 1 KB
1 KB 52ms
52ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.e5f8f46c.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21ea97f46222e9b52d78d22e0fa84c02f2d7bc9b65f8ef913b957591969fea57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 08:00:08 GMT
x-amz-version-id: pkS_1upEh.sPm3ER.8lckRXBymbIWq6a
content-encoding: br
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 32509
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 May 2024 07:56:40 GMT
server: AmazonS3
etag: W/"231a7391de26421e486bf20034b8cf08"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: SWjY28yut9FEOb6YUr2tBvMlgOLWIIVTohqRxI14OHNHCtRAdty6oA==

GET
DATA 200
OK truncated
/ Frame 7B7C 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94f767ce6f01b34999c78eeeb98b3d09c0ee1c8f8b86ed8ebfa8df9ca651ce24

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2D44 0
0 154ms
58ms Document
text/html 13.33.88.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-13.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://clients.vcita.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2878
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 16:14:07 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 26 Apr 2024 20:07:54 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
x-amz-cf-id: SxHwUOAPZcPe52gSUw5-HmCUwtNhLvjE9VA5XroWtgVLP5R6gEESgA==
x-amz-cf-pop: SIN2-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 7B7C 8 KB
8 KB 66ms
65ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:42:21 GMT
x-content-type-options: nosniff
age: 281975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Apr 2025 10:42:21 GMT

GET
H2 200 icomoon.08c372d2.woff
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 65 KB
66 KB 77ms
77ms Font
application/octet-stream 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/icomoon.08c372d2.woff?-rdmvgd
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08c372d2f393302ad0795615edd7bec4cb5dbc3bd6bc58b456eb687d062d35c4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8Mc5MF4gFHzsOynkq6D6t5cqJpdqWcfP
date: Wed, 01 May 2024 05:15:40 GMT
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 42377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 66520
last-modified: Thu, 25 Apr 2024 16:14:05 GMT
server: AmazonS3
etag: "e87aeaf4bd38138f7bf3c3e28dc19979"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: DNFNsJzkKsPJYG3fgWLJi0z0tE3oRp_QVF3QqFD5bU78spQFl9ymWw==

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 7B7C 3 B
358 B 470ms
52ms XHR
application/json 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 client Show response
api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/ Frame 7B7C 494 B
1022 B 914ms
913ms XHR
application/json 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/client?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3af1c4c0313cf5fbbde942a632ef04600ee87f22605e4e4c12bd900aed497e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://clients.vcita.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-platform: true
x-xss-protection: 1; mode=block
x-request-id: 8eb19d96f8ea19eeaf3f0eac3a883637
x-runtime: 0.017814
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e3af1c4c0313cf5fbbde942a632ef046"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 87d15625ac64a02d-SIN
vary: Origin

OPTIONS
H2 200 client
api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/ Frame 0
0 1350ms
861ms Preflight
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/client?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://clients.vcita.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 87d1562048904c6b-SIN
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 May 2024 17:01:57 GMT
server: cloudflare
x-platform: true

GET
H2 200 workbox-window.prod.es5.fb541039.js Show response
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 5 KB
3 KB 47ms
46ms Script
application/x-javascript 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/workbox-window.prod.es5.fb541039.js
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.e5f8f46c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 688aac7001b9cf8483f8ecff49f1d2a7581998e2a9c794d6fb3aca2752552535

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.e5f8f46c.js
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: YSoi8cCbVN.EYiNqLpG4PYO4LBsLiMU9
content-encoding: gzip
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 04:09:28 GMT
x-amz-cf-pop: SIN2-P4
age: 46349
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 16:14:06 GMT
server: AmazonS3
etag: W/"610abee1f0a0cf28ec9ee1ecc816323a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: FSU5ddT3EWlQGgag3wrsXZko0BLshL-_Ta2gM5msNp7-31VeLcvk8g==

POST
H2 204 rum Show response
clients.vcita.com/cdn-cgi/ Frame 7B7C 0
206 B 360ms
358ms XHR
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clients.vcita.com/cdn-cgi/rum?

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 May 2024 17:01:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://clients.vcita.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87d15621d996a02d-SIN

POST
H2 204 rum Show response
live.vcita.com/cdn-cgi/ 0
54 B 359ms
358ms XHR
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.vcita.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 May 2024 17:01:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://live.vcita.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87d15621e997a02d-SIN

GET
H/1.1 200
OK large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/ 9 KB
0 1ms
0ms Other
image/jpeg 23.202.128.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c15117557.ssl.cf2.rackcdn.com/avatar/image/1055243/large_55nh58hx1gewpla95yd56a3phu1xgjaf.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.202.128.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-128-182.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6811cc97397dc63852d6399794f13da20da37501c6e15fa1f632e9514927b50f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://live.vcita.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 17:01:55 GMT
Last-Modified: Fri, 26 Apr 2024 17:28:08 GMT
ETag: e41a2031df12c41d5b9d0dae099c48bc
Content-Type: image/jpeg
X-Timestamp: 1714152487.07088
Cache-Control: public, max-age=257393
Accept-Ranges: bytes
Content-Length: 9392
X-Trans-Id: txd219eea2eade4839a20c3-0066326ea2ord1
Expires: Sat, 04 May 2024 16:31:48 GMT

OPTIONS
H2 200 cards
api2.vcita.com/platform/v1/clients/payment/ Frame 0
0 343ms
343ms Preflight
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.vcita.com/platform/v1/clients/payment/cards?business_id=qac9nj8ifzmr5ryy&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://clients.vcita.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 87d1562b8f094c6b-SIN
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 May 2024 17:01:59 GMT
server: cloudflare
x-platform: true

OPTIONS
H2 204 relations
api.vcita.biz/client/docuforms/v1/ Frame 0
0 1636ms
964ms Preflight 104.18.27.3

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vcita.biz/client/docuforms/v1/relations?filter[entity_type]=invoice&filter[entity_uid]=k52ooqko853gn9dh&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://clients.vcita.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: X-Platform
cf-cache-status: DYNAMIC
cf-ray: 87d156303da24828-SIN
date: Wed, 01 May 2024 17:02:00 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-platform: true

OPTIONS
H2 200 k52ooqko853gn9dh
api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/invoice/ Frame 0
0 856ms
856ms Preflight
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/invoice/k52ooqko853gn9dh?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://clients.vcita.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 87d1562bcf254c6b-SIN
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 May 2024 17:01:59 GMT
server: cloudflare
x-platform: true

GET
H2 200 cards Show response
api2.vcita.com/platform/v1/clients/payment/ Frame 7B7C 35 B
253 B 392ms
391ms XHR
application/json 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.vcita.com/platform/v1/clients/payment/cards?business_id=qac9nj8ifzmr5ryy&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45bb9471239379b5d4f90ec8f894daf924dbb44c9e5084ddcee7eb6dec6fdbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://clients.vcita.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-platform: true
x-xss-protection: 1; mode=block
x-request-id: 47843ebed01360f552ecb44c9e161ba3
x-runtime: 0.017937
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"45bb9471239379b5d4f90ec8f894daf9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 87d1562daac7a02d-SIN
vary: Origin

GET relations
api.vcita.biz/client/docuforms/v1/ Frame 7B7C 0
0

GET
H2 200 k52ooqko853gn9dh Show response
api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/invoice/ Frame 7B7C 5 KB
2 KB 442ms
441ms XHR
application/json 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.vcita.com/client_api/v1/portals/qac9nj8ifzmr5ryy/invoice/k52ooqko853gn9dh?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy

Requested by

Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9089d9d5074150ee3a24388e41305225876b6f8a9e5a563828022442b80fc85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://clients.vcita.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 17:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-platform: true
x-xss-protection: 1; mode=block
x-request-id: 25c1b1f53f92f4c985d6fa9347755f8a
x-runtime: 0.068068
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9089d9d5074150ee3a24388e41305225"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 87d156312d6ca02d-SIN
vary: Origin

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 7B7C 8 KB
8 KB 51ms
50ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:12:28 GMT
x-content-type-options: nosniff
age: 24571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 10:12:28 GMT

GET
H2 200 fa-regular-400.121b1769.woff2
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 7B7C 380 KB
381 KB 56ms
55ms Font
application/octet-stream 108.156.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djbvmk5k5vh9e.cloudfront.net/assets/fa-regular-400.121b1769.woff2
Requested by: Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-34.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a542c2c3.css
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aI8N0FxPXekOxVQPr6YqsVcIoy_no7Ye
date: Wed, 01 May 2024 16:27:15 GMT
via: 1.1 8f23eaccc3b115094ce6ce3910c583e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 60025
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 388900
last-modified: Thu, 25 Apr 2024 16:14:05 GMT
server: AmazonS3
etag: "a927362a975051e5d7361d860d8ffba7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: rf9w6lQ3vF6Rn9IkE3HgzyrV14WZWfYpDhdvZow2QpjPShXXqrlZ8Q==

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 7B7C 8 KB
8 KB 51ms
51ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://clients.vcita.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:37:49 GMT
x-content-type-options: nosniff
age: 159850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 20:37:49 GMT

OPTIONS
H2 200 deposits
api2.vcita.com/client/payments/v1/ Frame 0
0 351ms
351ms Preflight
text/plain 104.18.7.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.vcita.com/client/payments/v1/deposits?filter[entity_type][in]=Invoice&filter[entity_uid][eq]=k52ooqko853gn9dh&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://clients.vcita.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
access-control-allow-origin: https://clients.vcita.com
access-control-expose-headers: X-Platform
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 87d156343cf64c6b-SIN
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 May 2024 17:02:00 GMT
server: cloudflare
x-platform: true

GET deposits
api2.vcita.com/client/payments/v1/ Frame 7B7C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vcita.com
URL: https://www.vcita.com/cdn-cgi/rum?

Domain: api.vcita.biz
URL: https://api.vcita.biz/client/docuforms/v1/relations?filter[entity_type]=invoice&filter[entity_uid]=k52ooqko853gn9dh&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=qac9nj8ifzmr5ryy

Domain: api2.vcita.com
URL: https://api2.vcita.com/client/payments/v1/deposits?filter[entity_type][in]=Invoice&filter[entity_uid][eq]=k52ooqko853gn9dh&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Finvoices%252Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26pay%3Dfalse&source_campaign=bWVzc2FnZV9yZXF1ZXN0&campaign=bWVzc2FnZV9yZXF1ZXN0&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=vyx8st0p6umynfb0&business_uid=qac9nj8ifzmr5ryy&portal_id=qac9nj8ifzmr5ryy

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.vcita.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: odTt1SKk2%2FJaCMTtzx3o3EL7CvQ9nMBy2vVKqV76rjdw7yWaH4yH%2FFAvxwbLSQno2dZtyXWhYV%2BVP%2BipAopIlw%3D%3D
.vcita.com/	1969-12-31 23:59:59	Name: ____vcita_session_v6 Value: %2FA%2FFlCeR6WWCLULfAJqjKXt5saNCbe8SX67g8oJi2SMtAMOItSrQX6aYXUt9x14zNYv1Fkh1gpWkI4u95Y6BIg00wYKXHcg8%2BYUJc9d4OAULI9O9Mtyy%2FCD3bhcYptFDS296bydMHmX2tyyTCG%2BH8sc4dW%2B%2BaQDv01hVmLBWjaAiLvJuuLSlSuX2O3sTxxGlp2jcx0ldplhcCo%2FVkQZvmiiImrD%2FFIr5BhpUXcw4H47lkEZxc%2BtjG2uUm0TPt8AyyTdzNL%2FWuhIk0pDKrkT63mVQtKLcHcRzoQ%3D%3D--6SsrRn9ic8xpvEek--Di1ag6LGvgVgoeOaV5Ytng%3D%3D
.vcita.com/	1970-01-21 05:01:58	Name: cf_clearance Value: S_It0idOFQEoi8DYOTK7PvaUqfVBOCzbCIskaU.u1QI-1714582914-1.0.1.1-jsl1rV9_vp6xlLtTdIBIetbZOWErX8_nu9gCrbU0LwzpTD8Q_MlnXPD5mV5ZWU9lzI7ned_sQ7Rl.RhPNsUxKw
www.vcita.com/	1969-12-31 23:59:59	Name: source_referrer Value: https%3A%2F%2Flive.vcita.com%2F
.vcita.com/	1970-01-21 05:52:22	Name: attribution_params Value: %5B%7B%22source_referrer%22%3A%22https%3A%2F%2Flive.vcita.com%2F%22%2C%22source_invite%22%3A%22Direct+Traffic%22%2C%22time_stamp%22%3A%222024-05-01T17%3A01%3A54%2B00%3A00%22%7D%5D
.vcita.com/	1970-01-20 21:42:46	Name: ____vcita_session Value: BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiJTA1ZTUwMDBlYzRjMDQ3OWI4OWY2ODQwNmEyNDc0NGZiBjsAVEkiIXdhcmRlbi51c2VyLnpvbmVfMjE5NTA3Ni5rZXkGOwBUWwhpBEGJAw5pA4R%2BIUkiJWNiMTM1ZGU0ZjY1OGYzMmU4NzA3NTdhMTZkYzRhMWY1BjsARkkiEF9jc3JmX3Rva2VuBjsARkkiMTBUdklUejBvWEE0S0p3UHJCRlRoTkpzdFp6MUlQYUV0VDhxaUFGeHc1cUE9BjsARkkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIhxodHRwczovL2xpdmUudmNpdGEuY29tLwY7AEY%3D--10ae55d03bdc6fd4be035519d527021fc21b7764
.www.vcita.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Xp2pNk6x3ZEVuX7CqLtFt1_xS.rjrAatEe3leNi3stA-1714582915286-0.0.1.1-604800000
.www.vcita.com/	1970-01-21 05:01:58	Name: cf_clearance Value: Cz7vfyh4e4GKkstrQBgr2p9_jPnKO00aJZ3cO1MoM2c-1714582915-1.0.1.1-4u6zMkb4L0JnLZbPmoS2Y7lBChXODA5NL8Ok4MLCJmqjlkvCIqSeTDbSWEHcOEfhKQKxQkZnzTwSf66V2ekVlw
.www.vcita.com/	1970-01-20 20:16:24	Name: __cf_bm Value: Ru_PxUIUOI0KTBHnMiTxA6y_sG2BGORwfYunewioC_4-1714582915-1.0.1.1-P.c9OJejlNO8_XPK5Ntn8LHw1Aapj5g.9kUdUhR3PC0EjmYEdlQyR9nIuGUuD8j9nXJ6hfbPW6z8KU8tts_fi_lXU9LnEtGAxzdbrRwF5GQ
.vcita.com/	1970-01-21 05:01:58	Name: mp_814301bcd06305ef3bd8af57d3a0ab31_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f351b0f05960-0bd517ad065152-26001d51-1d4c00-18f351b0f05960%22%2C%22%24device_id%22%3A%20%2218f351b0f05960-0bd517ad065152-26001d51-1d4c00-18f351b0f05960%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Flive.vcita.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22live.vcita.com%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22https%3A%2F%2Flive.vcita.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22live.vcita.com%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.vcita.com/	1970-01-20 20:16:24	Name: __cf_bm Value: pDPSSzVvN8Q2nw_vv4Cc79HBzsDKhpTq3CelQkMajSU-1714582917-1.0.1.1-7mKkQUCFtg8Zibcw5EHWpasB1uNLaQQeQ7GgH5VMLRX_bUqdN8Qo8MvySC5ZGTTeXdNnNLJQkpRdA2_Xtjk3wrqGQr3UIaLtK1ty_73PQpo
.vcita.com/	1969-12-31 23:59:59	Name: _cfuvid Value: CMmyIoo3Ex2hDzogpJJqM5YBpPsPS1DHWVqc4bxznyY-1714582917763-0.0.1.1-604800000
m.stripe.com/	1970-01-21 05:52:22	Name: m Value: db8a8fbb-5358-4b21-9492-e37fee24551e633e9e
.clients.vcita.com/	1970-01-21 05:01:58	Name: __stripe_mid Value: 92229068-1569-45da-98c2-f9ef294bf3562b1bcc
.clients.vcita.com/	1970-01-20 20:16:24	Name: __stripe_sid Value: ff887616-49ea-460c-b4b9-eca477b2b33f67d077

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?ver=1714582912(Line 24) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
security	error	URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate(Line 4) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-+k+U1HKjyVLWWT+aR4rGHdJJs1SqatL7WFqMOnwAeg4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate(Line 21) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-kjikB1vJjLyetu+kWb/AFihv7tL69FtjKCyOwyA/z6k='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate(Line 36) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-RVLx6qhjQkj0saA0B8GNFR95LI9VXPTQEYtcJ/rKntE='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate Message: [Report Only] Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.vcita.com/api/client_zones/qac9nj8ifzmr5ryy/account/active_engage_gate(Line 36) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-A4Iq0RVL9xfy2L+4Zl7K5MKC3StcGQXj7S8I0MWvIJE='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	Message: [Report Only] Refused to load the script 'https://www.vcita.com/cdn-cgi/challenge-platform/scripts/jsd/main.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
intervention	info	URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.96554c30.js(Line 147) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
intervention	info	URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy#/payments/k52ooqko853gn9dh/invoice?&s=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices%2Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26pay%3Dfalse&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&old_route=payments%2Fk52ooqko853gn9dh%2Finvoice&openCheckout=false&from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&pay=false&vitrage_iframe=true&client_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI&isWidget=false Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
intervention	info	URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy#/payments/k52ooqko853gn9dh/invoice?&s=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices%2Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26pay%3Dfalse&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&old_route=payments%2Fk52ooqko853gn9dh%2Finvoice&openCheckout=false&from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&pay=false&vitrage_iframe=true&client_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI&isWidget=false Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://djbvmk5k5vh9e.cloudfront.net/assets/icomoon.08c372d2.woff?-rdmvgd
other	warning	URL: https://live.vcita.com/site/qac9nj8ifzmr5ryy/action?from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&pay=false Message: Third-party cookie will be blocked. Learn more in the Issues tab.
intervention	info	URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy#/payments/k52ooqko853gn9dh/invoice?s=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices%2Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26pay%3Dfalse&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&old_route=payments%2Fk52ooqko853gn9dh%2Finvoice&openCheckout=false&from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&pay=false&vitrage_iframe=true&client_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI&isWidget=false Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
intervention	info	URL: https://clients.vcita.com/portal/qac9nj8ifzmr5ryy#/payments/k52ooqko853gn9dh/invoice?s=https%3A%2F%2Flive.vcita.com%2Fsite%2Fqac9nj8ifzmr5ryy%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Finvoices%2Fk52ooqko853gn9dh%26engagement%3Dvyx8st0p6umynfb0%26matter_uid%3Dvyx8st0p6umynfb0%26flow%3DEmail_Action%26flow_origin%3Dmessage_request%26flow_action%3Dview_payment%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DbWVzc2FnZV9yZXF1ZXN0%26pay%3Dfalse&vtm_cp=bWVzc2FnZV9yZXF1ZXN0&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&old_route=payments%2Fk52ooqko853gn9dh%2Finvoice&openCheckout=false&from_email=true&requested_path=%2Finvoices%2Fk52ooqko853gn9dh&engagement=vyx8st0p6umynfb0&matter_uid=vyx8st0p6umynfb0&flow=Email_Action&flow_origin=message_request&flow_action=view_payment&pay=false&vitrage_iframe=true&client_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiMWI2cWlobmtmZXh6MGd1cyIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6InFhYzluajhpZnptcjVyeXkifSwiZXhwIjoxNzE0NTk3MzE0LCJ0eXBlIjoiY2xpZW50IiwianRpIjoiNDkwNmY2NDY2ZDYyOTkxN2ZkMjIxNThiYWM0ODE5MzIxYjc1MjE5MDBkYWU2Zjc1YjVhYWYxOGIxZTRiNzBmOSJ9.lgiDNFt_q9JM7CtC4_ddXdRcvHvT6DqF4FNFuV1BguI&isWidget=false Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.vcita.biz
api2.vcita.com
c15117557.ssl.cf2.rackcdn.com
cdn.icomoon.io
cdn.mxpnl.com
clickme.vcita.com
clients.vcita.com
d1azc1qln24ryf.cloudfront.net
d27yogw9sew6u9.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
djbvmk5k5vh9e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
live.vcita.com
maps.googleapis.com
res.cloudinary.com
static.cloudflareinsights.com
www.google.com
www.vcita.com
api.vcita.biz
api2.vcita.com
www.vcita.com
104.16.79.73
104.18.26.3
104.18.27.3
104.18.7.170
108.156.133.123
108.156.133.34
108.158.4.72
13.225.0.83
13.33.47.12
13.33.88.13
130.211.5.208
138.199.46.67
142.251.10.106
151.101.65.137
172.217.194.95
23.202.128.182
74.125.200.94
74.125.68.95
0274f50713674b723951285f47a847f65bc489837788633f75e8d18a07411e7e
05395fad7f38e493636cd48750c185d5c2e03f3b6cf5eeab8a8779da0facfe92
08c372d2f393302ad0795615edd7bec4cb5dbc3bd6bc58b456eb687d062d35c4
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
21ea97f46222e9b52d78d22e0fa84c02f2d7bc9b65f8ef913b957591969fea57
2a0ab113e3cf272c2748c0ddbf8a0fc6f9115ff04b29a5df6f0fd74fc3136ca0
2b73987c4e8717f685c1c3af09e1f326d1dfe402c0aea84730bb57aa98cecb51
2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33
2eea52a18df9e33da5f4dc623a10459dd4d43375dd9a8482af5273ebf00e057c
39859ec34abc8efc0e8b7c077658d666f362565d0268cdfca78c8b19ecade0f9
44b474b58771059cc9ff9f5bc53c1acb7eb156e930c1775139301f79ab22d426
4561068f35253d6d1629b2dbfd7b76ad9483c481d63be228b0d8708cfd255b00
45bb9471239379b5d4f90ec8f894daf924dbb44c9e5084ddcee7eb6dec6fdbe6
4ca1cdc642c52f8b327621e0f62ab1379e385e79a465190effb1cce8439fafd0
58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126
61979bc93cd00c8332c36683ce0529efa97f2b5acf66b1f8e367380dc16bee66
63c096faad642f29dd0b84dab6717bf8e7719a213e0a8e1a73f82259c8696966
6581df55cacd11d37c644517003eff1d9be61320d7996811d010ecb794545296
6811cc97397dc63852d6399794f13da20da37501c6e15fa1f632e9514927b50f
688aac7001b9cf8483f8ecff49f1d2a7581998e2a9c794d6fb3aca2752552535
689f524d4be8c3c81edf98d288ee03455f0965e87900216dc11d68f9fadfd476
70973ded0c5fce89c6fd4ac5440077e68158f374e5f01cd3f5738dcb9a135ef2
72d06f278aed78a5165c67798f0589fdaf2ab19d1d5ce4a2da31a34e2c59a5a9
7ae98fe67df45b2b56e2fb836854ec33b051c2ba4e415e3b280ef28f273e337f
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
877e8d86e577dadb8fa89757a532fdafcf92adfdc7507697f25199361637e095
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
8d54c2e2518b2cff25c8a09239375842f02c3ce9bef65db4097e36d7d94a83b1
8f450b669b7885c1b3fa5f61a0c4c5dc7ab673ed97eeadc626bdcdaf41ed0d68
9089d9d5074150ee3a24388e41305225876b6f8a9e5a563828022442b80fc85b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94f767ce6f01b34999c78eeeb98b3d09c0ee1c8f8b86ed8ebfa8df9ca651ce24
9d7b8f4fac61ab33ed4f14e0f9fe4dbdc98633267df1ea75add4bec949b6e8e6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a542c2c35c73fc473767076d25fce006b33ad80f245753bac8ed2369847537bd
a960f7bc548115a971849f5e4fad2b1a8859194c970dd5c0b6c07d34d89b7029
a9934604c73c12cab5bc62105b25f7b414f23defe8573e28e77264495f47778b
bdbf5910788c62244e3ff8b0ad8dc95f31dfda9d7f4a2ebb7b8a587ccb99972f
c4092490bafa805a2511bcdfae03f5a48d90ded7d181833bb5b27c20c44b6df6
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
c99fe3f1efde07dcbfb56df3ba1edaac56efb2d62f5f19ded04868488db8228c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
e3af1c4c0313cf5fbbde942a632ef04600ee87f22605e4e4c12bd900aed497e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b87b1dbb2e6dc02e962e4a8a97193d09875557a6fc0ccf828c6c301db90ae3
e99a0c301ded3af0ad3e5ccdee4d2977a9470a97c7fa506a4a296de6cf1126e4
eceb1abce669110dcf5c1f43b5a67d5c5c2d9b44daeffa00827f39d61f23e533
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

live.vcita.com Open in urlscan Pro 104.18.7.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

91 %HTTPS

0 %IPv6

12 Domains

20 Subdomains

17 IPs

3 Countries

3241 kBTransfer

9900 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

live.vcita.com Open in urlscan Pro
104.18.7.170 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

91 %
HTTPS

0 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

3241 kB
Transfer

9900 kB
Size

15
Cookies

75 HTTP transactions
1 data transactions