auth.clientportal.capitaladvisors.com Open in urlscan Pro
104.19.168.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.clientportal.capitaladvisors.com/
Effective URL:
https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2d...
Submission: On April 06 via api (April 6th 2024, 1:32:52 am UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 104.19.168.24, located in and belongs to CLOUDFLARENET, US. The main domain is auth.clientportal.capitaladvisors.com.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.

This is the only time auth.clientportal.capitaladvisors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700::68... 2606:4700::6813:a818	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2600:9000:21a... 2600:9000:21a2:800:5:b523:940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.19.168.24 104.19.168.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:269... 2600:9000:269f:3200:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	104.197.227.188 104.197.227.188	15169 (GOOGLE) (GOOGLE)
3	2600:9000:269... 2600:9000:269f:6000:13:4a3a:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	6

2 2606:4700::6813:a818 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

auth.clientportal.capitaladvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:21a2:800:5:b523:940:93a1 (United States)

ASN16509 (AMAZON-02, US)

clientportal.capitaladvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.168.24 (None, )

ASN13335 (CLOUDFLARENET, US)

auth.clientportal.capitaladvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269f:3200:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.197.227.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.227.197.104.bc.googleusercontent.com

www.capitaladvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:269f:6000:13:4a3a:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.capitaladvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	capitaladvisors.com 2 redirects auth.clientportal.capitaladvisors.com clientportal.capitaladvisors.com static.capitaladvisors.com Failed www.capitaladvisors.com	1 MB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6814	63 KB
18	2

	Domain	Requested by
11	clientportal.capitaladvisors.com	clientportal.capitaladvisors.com
3	static.capitaladvisors.com	auth.clientportal.capitaladvisors.com
3	auth.clientportal.capitaladvisors.com	2 redirects clientportal.capitaladvisors.com
1	www.capitaladvisors.com	auth.clientportal.capitaladvisors.com
1	cdn.auth0.com	auth.clientportal.capitaladvisors.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
clientportal.capitaladvisors.com Amazon RSA 2048 M03	`2023-11-22` - `2024-12-20`	a year	crt.sh
auth.clientportal.capitaladvisors.com E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
www.capitaladvisors.com R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
static.capitaladvisors.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE
Frame ID: 64D0E3D9EABEBA6015F4C7DE93487FA9
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Client Portal | Login

Page URL History Show full URLs

https://auth.clientportal.capitaladvisors.com/ HTTP 302
https://clientportal.capitaladvisors.com/ Page URL
https://auth.clientportal.capitaladvisors.com/authorize?client_id=aiQ7FR440VtX1C8fv6kfn0ESKE60oIMa&scope=openid+call%3Apor... HTTP 302
https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKF... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

6
IPs

2
Countries

1438 kB
Transfer

3776 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.clientportal.capitaladvisors.com/ HTTP 302
https://clientportal.capitaladvisors.com/ Page URL
https://auth.clientportal.capitaladvisors.com/authorize?client_id=aiQ7FR440VtX1C8fv6kfn0ESKE60oIMa&scope=openid+call%3Aportalapi+profile+email+read%3Acurrent_user+update%3Acurrent_user_metadata&audience=client-portal-api-dev&redirect_uri=https%3A%2F%2Fclientportal.capitaladvisors.com&response_type=code&response_mode=query&state=N3p6SW1RZmE5MFc3SDkuTmtyZ2d3eEZIcjMwWUM5Y2VTSX5kRlp4a3E5aw%3D%3D&nonce=bXpkaTJSeFpFdl9%2BeVBnc0pXRWtzLkJiekpJbU9FN0R1QXA1eGRoek92Wg%3D%3D&code_challenge=c_8k-Gg_oCj1Av7KCRiwWCqET7N0gS25QZVmjA6EBsc&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjAifQ%3D%3D HTTP 302
https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://auth.clientportal.capitaladvisors.com/ HTTP 302
https://clientportal.capitaladvisors.com/

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
clientportal.capitaladvisors.com/
Redirect Chain

https://auth.clientportal.capitaladvisors.com/
https://clientportal.capitaladvisors.com/

2 KB
1 KB

302ms
161ms

Document
text/html

2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1f448f4335265c29c78eb25df1d1bfe3a7f610452a021828ae56fb341f23990

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
content-type: text/html
date: Sat, 06 Apr 2024 01:32:45 GMT
etag: W/"375cec057852d88cae0447df6ef91430"
last-modified: Fri, 05 Apr 2024 22:10:00 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-amz-cf-id: Sj7DZ32ObM9gOogEwrjG-5wSOzwj56DLYtloIEgNewf8-dthHRbknA==
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 86fe069878094bc7-BUF
content-type: text/html; charset=utf-8
date: Sat, 06 Apr 2024 01:32:44 GMT
location: https://clientportal.capitaladvisors.com/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 8772f86d3416656efb2e
x-content-type-options: nosniff

GET
H2 200 tinymce.min.js Show response
clientportal.capitaladvisors.com/assets/js/tinymce/ 399 KB
131 KB 203ms
202ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/js/tinymce/tinymce.min.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e5402563daa779cfdfd3e8d69949b1a2f00368c70e6148da2a45637a79c4db0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:45 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:10:00 GMT
server: AmazonS3
etag: W/"6d7b601cf9ea7bd4541102daed01d398"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: CvQS8EkpPYKiIj7ySeelYQTGH_Fe_SC6wePb1Ns_rFCBdM6959FBbw==

GET
H2 200 react-env.js Show response
clientportal.capitaladvisors.com/assets/js/ 533 B
1 KB 144ms
143ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/js/react-env.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d6818cc4deeb59657b2bfb2608fe0b7bc57b4787aa91d6661acd00d4082844fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:45 GMT
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: "e540bdbe589be95e26e723b9524e8c74"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: y6g8QbdxCeZYFJiQhm50sHiXq_tyWSvdVG7lF5cmE6_BYrxfZUzrdQ==

GET
H2 200 index-ad09524f.js Show response
clientportal.capitaladvisors.com/assets/ 252 KB
79 KB 190ms
190ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/index-ad09524f.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf7606f5e283f12b8d79c79e139ece5691f17841b765aa83336334d23b54880c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
Origin: https://clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:45 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: W/"0a302d958fd91f5a0fc4927d212998da"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: z-JYeg1Yu9Tm3zQu1SOaLO-KuYhQ_a2zOd5q_X5gdhNkKb_bPaTN6Q==

GET
H2 200 index-b5bd8bec.css
clientportal.capitaladvisors.com/assets/ 14 KB
4 KB 156ms
155ms Stylesheet
text/css 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/index-b5bd8bec.css

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5bd8bec36340845077ffff46fd18d6e118fe12ca80bd32aff344344c15527a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:45 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: W/"340fcfa29a63f7650be58de9f58bf04c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: oKm9br3hXzJcznpr10dsyWDuW4vjEFEk7Ndz2-FNrRNlmxLhGZCl2g==

GET
H2 200 DuruSans-Regular-b24d02eb.ttf
clientportal.capitaladvisors.com/assets/ 83 KB
84 KB 100ms
99ms Font
binary/octet-stream 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/DuruSans-Regular-b24d02eb.ttf

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/index-b5bd8bec.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b24d02eb85930eb6b671bd02e7ae1dcb8f69eb01d947d19a68259594d3ecd088

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/assets/index-b5bd8bec.css
Origin: https://clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 85060
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: "2ad21e74a28161ee8397905108a59e0c"
x-frame-options: DENY
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: GON4jQKZhUZeMb6ZhZEdYn9usGNVn2El7sjoLkw4BQhAq607DucZIg==

GET
H2 200 RootPortal-9f9372a4.js Show response
clientportal.capitaladvisors.com/assets/ 2 MB
547 KB 204ms
203ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/RootPortal-9f9372a4.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/index-ad09524f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03f5caae533f69d1fc6ee5afcbc87c00b0b629563acfc337f96218fe8687213f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: W/"1d42eaf988a7130a4fff9cdca816ed14"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: Xe7110BVb7LSbG7Z_xW7SxfhI7NyJAShUWhXILMR0B4bW-VJqohURg==

GET
H2 200 portalHoldingsSlice-ee166a80.js Show response
clientportal.capitaladvisors.com/assets/ 32 KB
12 KB 168ms
167ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/portalHoldingsSlice-ee166a80.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/index-ad09524f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f92d20933169af6d393059db94448ffe7b746eb8ccdb5f244e5bb7a605060901

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:10:00 GMT
server: AmazonS3
etag: W/"6609cc83e0539ac30bfddf05700b7e15"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-amz-cf-id: pOn1IRiUQrbcTnt_ZIsXi9TE25KW6iEHCy9UjDIJTzrd5Iu48E7ojA==

GET
H2 200 RootPortal-96acb1f3.css
clientportal.capitaladvisors.com/assets/ 3 KB
1 KB 167ms
166ms Stylesheet
text/css 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/RootPortal-96acb1f3.css

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/index-ad09524f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96acb1f3a0a24807afcf13b62626884d460a840bc8cc7ad5575eb10e3e19a2bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
content-encoding: br
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: W/"9539ec6b48330a77444b42bb6049bb18"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: X6LTU8sBxO5KPY76X90oTLxAC5ZSrjum5riL9NbYyyrkSOZ5Uzo9Gg==

GET
H2 200 index-f374549f.js Show response
clientportal.capitaladvisors.com/assets/ 175 B
853 B 139ms
138ms Script
application/javascript 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/assets/index-f374549f.js

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/index-ad09524f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8336c2d4c897d53833cc270de88cdc0c01be7d5b5559501c75060f26091e15c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 175
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:09:57 GMT
server: AmazonS3
etag: "9897412af9328b6aa891ea141b444dfe"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: chBJzQbsk9W1AJRu4Bjx2goWmhU-bANDIGW15xtujnOUhEglk165oQ==

GET
H2 200 favicon.png
clientportal.capitaladvisors.com/ 4 KB
5 KB 196ms
196ms Other
image/png 2600:9000:21a2:800:5:b523:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.capitaladvisors.com/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:800:5:b523:940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ee0d187298e14d15b69f8b13af42e3647d68f6f124b5bb4d1788cf93e1bf41d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:46 GMT
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
strict-transport-security: max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4276
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 22:10:00 GMT
server: AmazonS3
etag: "956a7c6a2d2844d7de100b0c3d203998"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 7lesNqlWB7vm_N4hyjGVbThJ6mxZL9uBDRh2PtAkztmWNqpj_uXdMA==

GET
H3

200

Primary Request identifier Show response
auth.clientportal.capitaladvisors.com/u/login/
Redirect Chain

https://auth.clientportal.capitaladvisors.com/authorize?client_id=aiQ7FR440VtX1C8fv6kfn0ESKE60oIMa&scope=openid+call%3Aportalapi+profile+email+read%3Acurrent_user+update%3Acurrent_user_metadata&aud...
https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2...

36 KB
37 KB

616ms
616ms

Document
text/html

104.19.168.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE

Requested by

Host: clientportal.capitaladvisors.com
URL: https://clientportal.capitaladvisors.com/assets/RootPortal-9f9372a4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.168.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e357d4964b37e5fcbec5f90a6b65645936dfac6d0b17d828762331fa416c5d54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clientportal.capitaladvisors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 86fe06a3dc6a39d8-YYZ
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Sat, 06 Apr 2024 01:32:46 GMT
etag: W/"904e-zndvMwfCYI+aTLITpBIDtwVZQ1g"
expires: Sat, 06 Apr 2024 01:32:46 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-dl: 279
x-auth0-requestid: c4ae72e7c36b46ec543c
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1712367173
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 86fe06a27b1b4bc7-BUF
content-length: 446
content-type: text/html; charset=utf-8
date: Sat, 06 Apr 2024 01:32:46 GMT
location: /u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 28f8fe4a41dcf54c2c65
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1712367166

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.87.4/css/ 272 KB
63 KB 146ms
39ms Stylesheet
text/css 2600:9000:269f:3200:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.87.4/css/main.cdn.min.css

Requested by

Host: auth.clientportal.capitaladvisors.com
URL: https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:269f:3200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

40db496b666bc587f8159cca9f8ff43b1c83d8ef1d7b3438a5056480ece8a125

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 1tUZ2hbU4Y2ULW91Rsg26QsTE78M3mcV
content-encoding: gzip
via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
date: Fri, 05 Apr 2024 09:10:14 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: YUL62-P1
age: 58953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Tue, 19 Mar 2024 12:47:33 GMT
server: AmazonS3
etag: W/"f13bbbda75559ca0f00deb30cf7d838e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-robots-tag: noindex
x-amz-cf-id: gSJLVWa_I4AyscdUqbzwSoGjNdgIgUsG_Kk7sQA-acs6QtCcLqinzQ==

GET cag-logo-header.png
static.capitaladvisors.com/ 0
0

GET
H2 200 placeholder-for-website.jpg
www.capitaladvisors.com/wp-content/uploads/2023/03/ 17 KB
18 KB 459ms
99ms Image
image/jpeg 104.197.227.188
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capitaladvisors.com/wp-content/uploads/2023/03/placeholder-for-website.jpg
Requested by: Host: auth.clientportal.capitaladvisors.com
URL: https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.227.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.227.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e5973cea7e9a63dc854f87a4408bc8a92a222371c859b05ccfc632c7f7403cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:47 GMT
last-modified: Wed, 21 Jun 2023 20:33:05 GMT
server: nginx
etag: "64935e81-4554"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17748

GET
H2 200 bg.jpg
static.capitaladvisors.com/login/ 365 KB
365 KB 199ms
199ms Image
image/jpeg 2600:9000:269f:6000:13:4a3a:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.capitaladvisors.com/login/bg.jpg
Requested by: Host: auth.clientportal.capitaladvisors.com
URL: https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:6000:13:4a3a:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02021179864df9c55d88b0ff3232e929c8b351cc8eb57a23d44c838ee7c75664

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth.clientportal.capitaladvisors.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:47 GMT
via: 1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront)
last-modified: Fri, 05 Apr 2024 16:38:49 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
etag: "67cfe3ac09823429d5863d71ab1e2678"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 373330
x-amz-cf-id: CdNOws0hJD5VaFkTpvLIchg9_BfOAAwRJ5vMhvRsy31c06DSL0nLQA==

GET
DATA 200
OK truncated
/ 776 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bc0eb79df6b7956c199c8ba2b243d802990a9af3a46cbce533520ec86cbfd03

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 duru-sans.ttf
static.capitaladvisors.com/login/ 83 KB
84 KB 267ms
194ms Font
binary/octet-stream 2600:9000:269f:6000:13:4a3a:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.capitaladvisors.com/login/duru-sans.ttf
Requested by: Host: auth.clientportal.capitaladvisors.com
URL: https://auth.clientportal.capitaladvisors.com/u/login/identifier?state=hKFo2SBiWHNfZkdSTmhsSFlrWEZKWU9FR3R3YWxqeW5TQ2xwSKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGNqRWRGTk1mc0NESlU1Q3VNZTVfcmJRdG9aUlRHYUdIo2NpZNkgYWlRN0ZSNDQwVnRYMUM4ZnY2a2ZuMEVTS0U2MG9JTWE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:6000:13:4a3a:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b24d02eb85930eb6b671bd02e7ae1dcb8f69eb01d947d19a68259594d3ecd088

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth.clientportal.capitaladvisors.com/
Origin: https://auth.clientportal.capitaladvisors.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:48 GMT
via: 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
last-modified: Fri, 05 Apr 2024 22:11:21 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
etag: "2ad21e74a28161ee8397905108a59e0c"
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 85060
x-amz-cf-id: 3EtRF2udEX6YNJkhVP6o-8jLkFFKVhpQf91DImqL5NwZNd8Rms7thQ==

GET
H2 200 favicon.png
static.capitaladvisors.com/login/ 4 KB
5 KB 144ms
143ms Other
image/png 2600:9000:269f:6000:13:4a3a:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.capitaladvisors.com/login/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:6000:13:4a3a:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ee0d187298e14d15b69f8b13af42e3647d68f6f124b5bb4d1788cf93e1bf41d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:32:48 GMT
via: 1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront)
last-modified: Fri, 05 Apr 2024 17:45:48 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
etag: "956a7c6a2d2844d7de100b0c3d203998"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4276
x-amz-cf-id: ndP_hZr34ZI6mUuQvRtRCk5wY92pdtWmmRF4IJT4HxQs82eDEXwH8A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.capitaladvisors.com
URL: https://static.capitaladvisors.com/cag-logo-header.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.clientportal.capitaladvisors.com/	1970-01-21 04:25:24	Name: did Value: s%3Av0%3A920204a0-f3b5-11ee-b4da-f72196703404.8is8hCkI7UQC1migdHlXR4UGXHlYXUE4jeF6h0EIoQQ
auth.clientportal.capitaladvisors.com/	1970-01-20 19:43:46	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAVIBS_BXkGa-ikIgI-4cO-o0aBs7GTn2ADsOeLD8bkntPKaPpvWjB25z8YNiFvhSqbPxx6bEWbegfeSLz3sxLymY29va2llg6dleHBpcmVz1__rFKoAZhSava5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.QOR5mO8ywTgsntEGPbN3uCkGswyd8PQ4ky3dsUzzsj8
auth.clientportal.capitaladvisors.com/	1970-01-21 04:25:24	Name: did_compat Value: s%3Av0%3A920204a0-f3b5-11ee-b4da-f72196703404.8is8hCkI7UQC1migdHlXR4UGXHlYXUE4jeF6h0EIoQQ
auth.clientportal.capitaladvisors.com/	1970-01-20 19:43:46	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAVIBS_BXkGa-ikIgI-4cO-o0aBs7GTn2ADsOeLD8bkntPKaPpvWjB25z8YNiFvhSqbPxx6bEWbegfeSLz3sxLymY29va2llg6dleHBpcmVz1__rFKoAZhSava5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.QOR5mO8ywTgsntEGPbN3uCkGswyd8PQ4ky3dsUzzsj8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; frame-src https://cagportal.us.auth0.com/ https://auth.clientportal.capitaladvisors.com; connect-src 'self' https://cagportal.us.auth0.com https://auth.clientportal.capitaladvisors.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.clientportal.capitaladvisors.com
cdn.auth0.com
clientportal.capitaladvisors.com
static.capitaladvisors.com
www.capitaladvisors.com
static.capitaladvisors.com
104.19.168.24
104.197.227.188
2600:9000:21a2:800:5:b523:940:93a1
2600:9000:269f:3200:10:474e:104a:2961
2600:9000:269f:6000:13:4a3a:95c0:93a1
2606:4700::6813:a818
02021179864df9c55d88b0ff3232e929c8b351cc8eb57a23d44c838ee7c75664
03f5caae533f69d1fc6ee5afcbc87c00b0b629563acfc337f96218fe8687213f
1ee0d187298e14d15b69f8b13af42e3647d68f6f124b5bb4d1788cf93e1bf41d
40db496b666bc587f8159cca9f8ff43b1c83d8ef1d7b3438a5056480ece8a125
4e5973cea7e9a63dc854f87a4408bc8a92a222371c859b05ccfc632c7f7403cc
8bc0eb79df6b7956c199c8ba2b243d802990a9af3a46cbce533520ec86cbfd03
96acb1f3a0a24807afcf13b62626884d460a840bc8cc7ad5575eb10e3e19a2bd
b24d02eb85930eb6b671bd02e7ae1dcb8f69eb01d947d19a68259594d3ecd088
b5bd8bec36340845077ffff46fd18d6e118fe12ca80bd32aff344344c15527a7
b8336c2d4c897d53833cc270de88cdc0c01be7d5b5559501c75060f26091e15c
c1f448f4335265c29c78eb25df1d1bfe3a7f610452a021828ae56fb341f23990
cf7606f5e283f12b8d79c79e139ece5691f17841b765aa83336334d23b54880c
d6818cc4deeb59657b2bfb2608fe0b7bc57b4787aa91d6661acd00d4082844fc
e357d4964b37e5fcbec5f90a6b65645936dfac6d0b17d828762331fa416c5d54
e5402563daa779cfdfd3e8d69949b1a2f00368c70e6148da2a45637a79c4db0f
f92d20933169af6d393059db94448ffe7b746eb8ccdb5f244e5bb7a605060901

auth.clientportal.capitaladvisors.com Open in urlscan Pro 104.19.168.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

67 %IPv6

2 Domains

5 Subdomains

6 IPs

2 Countries

1438 kBTransfer

3776 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

auth.clientportal.capitaladvisors.com Open in urlscan Pro
104.19.168.24 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

6
IPs

2
Countries

1438 kB
Transfer

3776 kB
Size

4
Cookies

18 HTTP transactions
1 data transactions