Submitted URL: https://clickme.myclients.email/ls/click?upn=u001.XK1GCY8O3bSPa8w5zs6ta3PqnHEJ-2BjeJDdFlytR8rwokIhop-2FmWHPkQt6SW85fDHLZX9HtTHNz...
Effective URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm...
Submission: On May 25 via manual from US — Scanned from IL

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 83 HTTP transactions. The main IP is 104.18.27.3, located in and belongs to CLOUDFLARENET, US. The main domain is marketingpro.sbtpg.com.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.
This is the only time marketingpro.sbtpg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 143.204.98.18 16509 (AMAZON-02)
4 28 104.18.27.3 13335 (CLOUDFLAR...)
3 142.250.186.42 15169 (GOOGLE)
1 1 108.138.24.162 16509 (AMAZON-02)
1 138.199.37.227 60068 (CDN77 _)
5 18.245.62.85 16509 (AMAZON-02)
1 13.33.158.46 16509 (AMAZON-02)
4 104.16.80.73 13335 (CLOUDFLAR...)
5 142.250.185.131 15169 (GOOGLE)
3 104.19.166.65 13335 (CLOUDFLAR...)
3 23.212.202.218 16625 (AKAMAI-AS)
1 13.32.121.13 16509 (AMAZON-02)
19 18.66.147.58 16509 (AMAZON-02)
1 172.217.18.100 15169 (GOOGLE)
1 35.186.235.23 15169 (GOOGLE)
1 13.32.121.112 16509 (AMAZON-02)
8 104.18.7.170 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
1 52.216.213.240 ()
83 18
Apex Domain
Subdomains
Transfer
26 cloudfront.net
d1azc1qln24ryf.cloudfront.net
d27yogw9sew6u9.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
djbvmk5k5vh9e.cloudfront.net
2 MB
20 sbtpg.com
marketingpro.sbtpg.com
108 KB
8 vcita.biz
api.vcita.biz — Cisco Umbrella Rank: 562203
4 KB
8 vcita.com
api2.vcita.com — Cisco Umbrella Rank: 284274
3 KB
5 gstatic.com
fonts.gstatic.com
47 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
maps.googleapis.com — Cisco Umbrella Rank: 361
82 KB
3 rackcdn.com
c15117557.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 125985
9 KB
3 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2449
1013 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
167 KB
1 amazonaws.com
s3.us-east-1.amazonaws.com
33 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3738
19 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 icomoon.io
cdn.icomoon.io — Cisco Umbrella Rank: 13561
3 KB
1 myclients.email
clickme.myclients.email
505 B
83 15
Domain Requested by
20 marketingpro.sbtpg.com 4 redirects marketingpro.sbtpg.com
d27yogw9sew6u9.cloudfront.net
static.cloudflareinsights.com
djbvmk5k5vh9e.cloudfront.net
19 djbvmk5k5vh9e.cloudfront.net marketingpro.sbtpg.com
djbvmk5k5vh9e.cloudfront.net
8 api.vcita.biz djbvmk5k5vh9e.cloudfront.net
8 api2.vcita.com djbvmk5k5vh9e.cloudfront.net
5 fonts.gstatic.com fonts.googleapis.com
5 d27yogw9sew6u9.cloudfront.net marketingpro.sbtpg.com
d27yogw9sew6u9.cloudfront.net
4 static.cloudflareinsights.com marketingpro.sbtpg.com
3 c15117557.ssl.cf2.rackcdn.com marketingpro.sbtpg.com
djbvmk5k5vh9e.cloudfront.net
3 res.cloudinary.com marketingpro.sbtpg.com
2 maps.googleapis.com djbvmk5k5vh9e.cloudfront.net
2 js.stripe.com marketingpro.sbtpg.com
js.stripe.com
2 fonts.googleapis.com marketingpro.sbtpg.com
1 s3.us-east-1.amazonaws.com
1 cdn.mxpnl.com djbvmk5k5vh9e.cloudfront.net
1 www.google.com d27yogw9sew6u9.cloudfront.net
1 d2ra6nuwn69ktl.cloudfront.net marketingpro.sbtpg.com
1 cdn.icomoon.io marketingpro.sbtpg.com
1 d1azc1qln24ryf.cloudfront.net 1 redirects
1 clickme.myclients.email 1 redirects
83 19

This site contains links to these domains. Also see Links.

Domain
www.taxintimes.webs.com
maps.google.com
Subject Issuer Validity Valid
marketingpro.sbtpg.com
GTS CA 1P5
2024-04-25 -
2024-07-24
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-05-08 -
2024-08-06
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2023-12-14 -
2024-06-22
6 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-24 -
2024-11-27
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-03-27 -
2024-06-27
3 months crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1
2023-07-12 -
2024-08-11
a year crt.sh
vcita.com
GTS CA 1P5
2024-04-23 -
2024-07-22
3 months crt.sh
api.vcita.biz
GTS CA 1P5
2024-03-31 -
2024-06-29
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2024-02-08 -
2025-01-11
a year crt.sh

This page contains 8 frames:

Primary Page: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Frame ID: 206368FCABD02C7C097288A0AB5758A5
Requests: 17 HTTP requests in this frame

Frame: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: CF29CD9AEA09C0C1C42634E47B6D2FBF
Requests: 2 HTTP requests in this frame

Frame: https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Frame ID: D972F1ED0501463BAC703460000EC4A7
Requests: 7 HTTP requests in this frame

Frame: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: F8C42C9D54AB7D94D550BB59806CFFB9
Requests: 2 HTTP requests in this frame

Frame: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Frame ID: 1A8F1DAC72191AA1DA464B01EAE20F16
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyCE9OftC4I-tJbUqtItGI76CX87RY-h2aU&q=1939%20Goldsmith%20Lane%20suite%20143%2C%20Louisville%2C%20KY%2C%20USA}
Frame ID: E57E105D1B7224C81DA3925FB1348937
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: CD1F0F28E5F2E71FA119DFF3BFE51B7A
Requests: 1 HTTP requests in this frame

Frame: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: B4F95304C65B0933D594BB701A30E28B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

TAXIN' TIMES

Page URL History Show full URLs

  1. https://clickme.myclients.email/ls/click?upn=u001.XK1GCY8O3bSPa8w5zs6ta3PqnHEJ-2BjeJDdFlytR8rwokIhop-2FmWHPk... HTTP 302
    https://marketingpro.sbtpg.com/site/taxintimes/action?token=SBz3TbMy_cMBzo5i54Xu&from_email=true&requested_... HTTP 302
    https://marketingpro.sbtpg.com/v/taxintimes/home?token=SBz3TbMy_cMBzo5i54Xu&return_to=https%3A%2F%2Fmarketi... HTTP 302
    https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

83
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

18
IPs

3
Countries

3863 kB
Transfer

10586 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clickme.myclients.email/ls/click?upn=u001.XK1GCY8O3bSPa8w5zs6ta3PqnHEJ-2BjeJDdFlytR8rwokIhop-2FmWHPkQt6SW85fDHLZX9HtTHNzSQsGl61v6Q8sqRis4-2FWHWvyWRfJ11f4BUUA-2ByuzXkXqOGSMJTS4thWH826EffvmmcbOiz4Vp9P7qC9yPyatx1rvCOZN7dQZwVsErNBInhOVe8dIpTWcKPqsRNu0QRatN7Vlk5kzAjjQ3in5G0jy3u-2BSwMHS5ZMiwiOOYNGubsIectqU28NIAHlXOW9LUQ-2FJjoPthQKw8FKCvm7V63vdrr3yER9wcfdbiOc79MFEaZJmUsNC-2FEZAq9RqzfYtrp9aWyMYPVnucZBG2um4Tkrdu1J9LXajjmZzsRtAu6mOgVRXrk1Ma-2FsooSf1pIbSKrkyMQE8-2FEm5lCZVNp6fy2wzDri8aCMn-2F-2F62pB16kLprkefGLImQGOLpipAY33qQWxKmqgYSiohi5uuxw-3D-3DvoJ-_OUE4v7G1-2ByzVaQgQJgswO2sIg4n5fem58O1n-2FsKPxV1meF0Q2CVDcN8yrEMnU9tzR5ba2K4xx-2BzjOmEH8g6pe6j2sRPK29wrS4kyeGBDxUmSagI6sJ-2FJLpfjxKBvOU-2B47JxokXiRt3-2BJQd1DHESjzb8Q7G0V1Y636vZfdZkJFGncUPeoytnbKR7DzbYSSXhgq2H52hEvnifnB9-2FlQZT96ixSc0EKl7bRKnSpFq5PBNhdYxQ6dBsTgwucRIyyiw-2B6E0r33V6oM-2FGTX0Lskaqj1CnmMeu7jhdgq8vw2sWRbbB2prbQm-2BSE5pf3B7ugqcZBOBLg1o6gEHdhmQZ68feDnXcGlUv2rhuhBywpm-2BZ2Tsw-3D HTTP 302
    https://marketingpro.sbtpg.com/site/taxintimes/action?token=SBz3TbMy_cMBzo5i54Xu&from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false HTTP 302
    https://marketingpro.sbtpg.com/v/taxintimes/home?token=SBz3TbMy_cMBzo5i54Xu&return_to=https%3A%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Festimates%2Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%3D%26vtm_cp%3DcmVxdWVzdA%3D%3D%26pay%3Dfalse HTTP 302
    https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://d1azc1qln24ryf.cloudfront.net/165482/Vitrage/style-cf.css?4zicvr?1.0-ART-8bb8c820781223b4b03cca66856153aa HTTP 302
  • https://cdn.icomoon.io/165482/Vitrage/style-cf.css
Request Chain 9
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Request Chain 48
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request action
marketingpro.sbtpg.com/site/taxintimes/
Redirect Chain
  • https://clickme.myclients.email/ls/click?upn=u001.XK1GCY8O3bSPa8w5zs6ta3PqnHEJ-2BjeJDdFlytR8rwokIhop-2FmWHPkQt6SW85fDHLZX9HtTHNzSQsGl61v6Q8sqRis4-2FWHWvyWRfJ11f4BUUA-2ByuzXkXqOGSMJTS4thWH826Effvmmc...
  • https://marketingpro.sbtpg.com/site/taxintimes/action?token=SBz3TbMy_cMBzo5i54Xu&from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&f...
  • https://marketingpro.sbtpg.com/v/taxintimes/home?token=SBz3TbMy_cMBzo5i54Xu&return_to=https%3A%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%2Fest...
  • https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origi...
30 KB
9 KB
Document
General
Full URL
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08101cc20aaced94ec971a4884789759979719f733bd1f381b91ad2b1909d74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
X-Platform
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88991ff71b08e3d7-TLV
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:57:31 GMT
p3p
CP="CAO PSA OUR"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
ALLOWALL
x-permitted-cross-domain-policies
none
x-platform
true
x-request-id
436c31dc721668a791c3da7f086040c8
x-runtime
0.015391
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
X-Platform
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
88991ff3bc6ce3d7-TLV
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:57:30 GMT
location
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
cloudflare
status
302 Found
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
0dcb5170dba601d20ac36966ea84b3bf
x-runtime
0.307952
x-ua-compatible
IE=Edge,chrome=1
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 May 2024 22:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 May 2024 21:21:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 May 2024 22:57:31 GMT
style-cf.css
cdn.icomoon.io/165482/Vitrage/
Redirect Chain
  • https://d1azc1qln24ryf.cloudfront.net/165482/Vitrage/style-cf.css?4zicvr?1.0-ART-8bb8c820781223b4b03cca66856153aa
  • https://cdn.icomoon.io/165482/Vitrage/style-cf.css
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn.icomoon.io/165482/Vitrage/style-cf.css
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
70973ded0c5fce89c6fd4ac5440077e68158f374e5f01cd3f5738dcb9a135ef2

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 25 May 2024 22:57:31 GMT
content-encoding
br
cdn-edgestorageid
864
cdn-cachedat
04/15/2024 22:46:08
cdn-pullzone
1460617
last-modified
Thu, 20 Jul 2023 12:43:44 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"4a9dd236d6f15bb240427bb327ea9482"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b17d9f103659553cc8bfa521fc3c702e
cdn-requestcountrycode
IL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Sat, 25 May 2024 22:57:31 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
vary
Origin
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cdn.icomoon.io/165482/Vitrage/style-cf.css
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
Vj8GSTBZ5B2u6rmi5uYqnrEU_YHjKyBxx-y5kBXaQWfN6Wb1zLgbMA==
vendor-abb98304066173eda1ce9d72453571ac623d64e2074b1b60a309c146848f8d28.css
d27yogw9sew6u9.cloudfront.net/site/assets/
196 KB
25 KB
Stylesheet
General
Full URL
https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-abb98304066173eda1ce9d72453571ac623d64e2074b1b60a309c146848f8d28.css
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d7b8f4fac61ab33ed4f14e0f9fe4dbdc98633267df1ea75add4bec949b6e8e6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YWGtMbwbFQCOFd4uhlfq6IbcTkccMxWi
content-encoding
gzip
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 04:53:05 GMT
last-modified
Tue, 21 May 2024 09:39:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
65067
x-amz-server-side-encryption
AES256
etag
W/"162e6c20e1aae95bbaad4c311613cba1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
Z41rOE8vUOYk9ymXNdbXlG6mZpHtYbp9EGqomIKjJZT22mDwJQ5erA==
application-feecda73627d82e74f4101c4aaf31efcf71c3997e8a4ba697c3d9ce6a36339a6.css
d27yogw9sew6u9.cloudfront.net/site/assets/
66 KB
12 KB
Stylesheet
General
Full URL
https://d27yogw9sew6u9.cloudfront.net/site/assets/application-feecda73627d82e74f4101c4aaf31efcf71c3997e8a4ba697c3d9ce6a36339a6.css
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e99a0c301ded3af0ad3e5ccdee4d2977a9470a97c7fa506a4a296de6cf1126e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FJpNz0rI2pjFT0uaBigWEZ6caw.vX1He
content-encoding
gzip
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 06:34:01 GMT
last-modified
Tue, 21 May 2024 09:39:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
60198
x-amz-server-side-encryption
AES256
etag
W/"c87e70469af4bc1af024ffc148d42d10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
61HddSQCZ-Ska9fYzS1pq56c9OW2xrATvtWWoXU7kSCT2G07xV75-A==
vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
d27yogw9sew6u9.cloudfront.net/site/assets/
1 MB
363 KB
Script
General
Full URL
https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdbf5910788c62244e3ff8b0ad8dc95f31dfda9d7f4a2ebb7b8a587ccb99972f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
aHextkmGYTZUv4quATfInyEpR8TEcC0W
content-encoding
gzip
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 04:33:47 GMT
last-modified
Tue, 21 May 2024 09:39:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
66354
x-amz-server-side-encryption
AES256
etag
W/"f96beb4940c38b291ddf9f053a231e4a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
oDL1hcBdc-v_1j2mOBHI3JMIvgXvUfeZpIz9BWbiHTBVnLHAE3uB5g==
application-ba69156b4b3496125a66f905d529b2adf8e9b9d58318edbca5a323579d907ef0.js
d27yogw9sew6u9.cloudfront.net/site/assets/
332 KB
62 KB
Script
General
Full URL
https://d27yogw9sew6u9.cloudfront.net/site/assets/application-ba69156b4b3496125a66f905d529b2adf8e9b9d58318edbca5a323579d907ef0.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4986f2ad0e95dcad1c34a6a6b3b78eb526b56a71e735d13e9e6bbad72f12d809

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pNHnaKS2A_HPOmMNhw9S3AWgDgq716cY
content-encoding
gzip
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 09:46:06 GMT
last-modified
Tue, 21 May 2024 09:39:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
71746
x-amz-server-side-encryption
AES256
etag
W/"7c77fd8dcf7c116b9ef4bd0ee8fe1030"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
rQqK6FD4KUrqiwk5cCcEQJ0GrJOQ_OdLH41QyUvroG33azxgVmXSAA==
livesite.js
d2ra6nuwn69ktl.cloudfront.net/assets/
179 KB
59 KB
Script
General
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?ver=1716677851
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bzdho.hrOk.Fg.ShMFOmwtUO8XcNiLhS
content-encoding
gzip
via
1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 04:04:47 GMT
last-modified
Wed, 22 May 2024 10:16:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
67965
x-amz-server-side-encryption
AES256
etag
W/"c99ad10a6956108fd9a07f8a1c843444"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
r6U7lgbWeXb_xlCZnPkGPHOFtcstYqfcOtEIiqz0fV36GLxY9UqoTg==
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88991fff3945e3d7-TLV
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:43:48 GMT
x-content-type-options
nosniff
age
245624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:43:48 GMT
main.js
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame CF29
Redirect Chain
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB
Script
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Protocol
H2
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b36c2b144d2d9bdafa22a6a0a68a625d0e4889426bab5201df53b0ae89cedf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
889920014cb1e3d7-TLV

Redirect headers

date
Sat, 25 May 2024 22:57:32 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
889920001acde3d7-TLV
content-length
0
icons-20-58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126.svg
d27yogw9sew6u9.cloudfront.net/site/assets/icons/
2 KB
2 KB
XHR
General
Full URL
https://d27yogw9sew6u9.cloudfront.net/site/assets/icons/icons-20-58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126.svg
Requested by
Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MOVFQvhz1MmC3C55R3aI1M8B6NcfGA3T
content-encoding
gzip
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 16:09:24 GMT
x-amz-cf-pop
FRA60-P5
age
24489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 May 2024 09:39:37 GMT
server
AmazonS3
etag
W/"1d0884d6314b2fcdfc3a25c309085877"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
vryUlf6Qo8AYbFQO_4R-AqO0wCnR_9MDA4mvD1oSxZEgSDCattYxJA==
active_engage_gate
marketingpro.sbtpg.com/api/client_zones/taxintimes/account/ Frame D972
3 KB
2 KB
Document
General
Full URL
https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Requested by
Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d4ec27c17cc6d79c39e2ad40a71ad95b19f6cf1f8ad7cf9ccb8c873db1b088
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
X-Platform
cache-control
must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
88992000ec0be3d7-TLV
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:57:32 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
cloudflare
status
200 OK
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
790e64ac9a0abb337090a9ce5ea6f323
x-runtime
0.014009
x-ua-compatible
IE=Edge,chrome=1
36
res.cloudinary.com/livesite/image/upload/v1/Cover%20Images/Business/
778 KB
779 KB
Image
General
Full URL
https://res.cloudinary.com/livesite/image/upload/v1/Cover%20Images/Business/36
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.166.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db31e541bc529c80120e6edfd1538ea376a8ad68d58e114f21b66466ce7896
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:33 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=524;start=2024-05-25T22:57:32.507Z;desc=miss;cloudinary;dur=67;start=2024-05-25T22:57:32.764Z
content-length
796319
last-modified
Thu, 07 Apr 2016 12:14:35 GMT
server
cloudflare
etag
"34f39e31b2053237e98174de11a7300f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
889920021c3ae3db-TLV
timing-allow-origin
*
i
marketingpro.sbtpg.com/tr_pics/
43 B
2 KB
Image
General
Full URL
https://marketingpro.sbtpg.com/tr_pics/i?p=2017989&o=Y29udGFjdCBwYWdl
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
cf-cache-status
DYNAMIC
x-platform
true
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200 OK
content-transfer-encoding
binary
content-disposition
inline
content-length
43
x-request-id
d0bd48c8dbe4cdcf5d97b8545f66ff39
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
x-runtime
0.023360
server
cloudflare
x-frame-options
ALLOWALL
content-type
image/gif
access-control-expose-headers
X-Platform
cache-control
must-revalidate, no-cache, no-store, private, max-age=0
cf-ray
889920013ca5e3d7-TLV
x-rack-cache
miss
expires
Fri, 01 Jan 1990 00:00:00 GMT
large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/
9 KB
9 KB
Image
General
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.202.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-202-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4515818def64bccd5c740dadb1967b2a8672b4e2210fae126d15fb3f8ae11f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 22:57:32 GMT
Last-Modified
Tue, 17 Jan 2023 14:46:10 GMT
ETag
01c1ffd16de0b2e30d432087b48ea11c
Content-Type
image/png
X-Timestamp
1673966769.58302
Cache-Control
public, max-age=259167
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8753
X-Trans-Id
tx2470d78d5dd340b88c426-0066526cdcord1
Expires
Tue, 28 May 2024 22:56:59 GMT
tax2023_nsosnj
res.cloudinary.com/livesite/image/upload/v1/LivesiteImages/j2jmai7zyqo3xx69/about/
64 KB
65 KB
Image
General
Full URL
https://res.cloudinary.com/livesite/image/upload/v1/LivesiteImages/j2jmai7zyqo3xx69/about/tax2023_nsosnj
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.166.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ae47b566de2bed3d20b35e6781336004188f2f8ddf380d4e52fb6cc4ddae08
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=473;start=2024-05-25T22:57:32.510Z;desc=miss,content-info;desc="width=560,height=280,bytes=65625,owidth=560,oheight=280,obytes=65625,ef=(1,17);";cloudinary;dur=46;start=2024-05-25T22:57:32.662Z
content-length
65625
last-modified
Wed, 20 Dec 2023 22:42:06 GMT
server
cloudflare
etag
"77b17d7fb30ec2f84a0efece61da3a0d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
889920021c3ee3db-TLV
timing-allow-origin
*
88991ff71b08e3d7
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CF29
0
274 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/88991ff71b08e3d7
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
server
cloudflare
cf-ray
88992002ef97e3d7-TLV
content-length
0
content-type
text/plain; charset=UTF-8
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ Frame D972
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88991fff3945e3d7-TLV
main.js
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame F8C4
8 KB
0
Script
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=/estimates/mnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw=&vtm_cp=cmVxdWVzdA==&pay=false
Protocol
H2
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b36c2b144d2d9bdafa22a6a0a68a625d0e4889426bab5201df53b0ae89cedf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
889920014cb1e3d7-TLV
j2jmai7zyqo3xx69
marketingpro.sbtpg.com/portal/ Frame 1A8F
28 KB
8 KB
Document
General
Full URL
https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Requested by
Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ce54149f0970d002edcd023e803eefff082be47565bb877397e7bb6e8392208f

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-expose-headers
X-Platform
cf-cache-status
DYNAMIC
cf-ray
889920033827e3d7-TLV
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:57:32 GMT
server
cloudflare
x-platform
true
x-powered-by
Express
88992000ec0be3d7
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F8C4
0
254 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/88992000ec0be3d7
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
server
cloudflare
cf-ray
88992003c906e3d7-TLV
content-length
0
content-type
text/plain; charset=UTF-8
rum
marketingpro.sbtpg.com/cdn-cgi/ Frame D972
0
153 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88992003c90ee3d7-TLV
css
fonts.googleapis.com/ Frame 1A8F
4 KB
559 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 May 2024 22:16:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 May 2024 22:57:32 GMT
/
js.stripe.com/v3/ Frame 1A8F
604 KB
167 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-13.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a94e7220fbe1d9eb34b78c73ea3bf0f57cf4cbbdfef62e416ac8d312807d882d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:33 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
19
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
last-modified
Sat, 25 May 2024 00:21:53 GMT
server
Cloudfront
etag
W/"e1fa3076f35dbe23a9d5b04e8922e0d7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
UrB635Ra4_LjTPNRZPFonpcwJPKleQIKPwmpIS5KAbb1hCge16NXMg==
index.668a29e6.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
4 MB
802 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
963ff49d71341f1f0ae31b9e6ae1077bcfbf6a6e5b628841b4e8c4a3bf69e5bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
F5EpR4HGCF7w99HVOnCcTj2pF9kabPrz
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 13:23:32 GMT
x-amz-cf-pop
FRA60-P4
age
72755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 May 2024 10:18:05 GMT
server
AmazonS3
etag
W/"3f61ebf853d3f52cd3c91ee2e1dc88a9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
pDkNYFZi--KNfJbi4E6357x4_HZvqC6-TTeBZlfwafNFhNkdp8ADnA==
vueComponentNormalizer.3afe50b9.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
66 KB
25 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/vueComponentNormalizer.3afe50b9.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f450b669b7885c1b3fa5f61a0c4c5dc7ab673ed97eeadc626bdcdaf41ed0d68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yA_Qt.B8cQEO_O2HUkRWEQvL8SiijkIu
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 09:35:34 GMT
x-amz-cf-pop
FRA60-P4
age
63679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:23 GMT
server
AmazonS3
etag
W/"e0c5cf5fc1897e9e208885be0a0bd19c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
OawYBKsJa5WxcvBGqiZxGllMWdf_5sRXQ223thHw3u4tqj3kRtmuJw==
index.a96c19c0.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
1 MB
162 KB
Stylesheet
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a96c19c0d5b7566732a8aa0b837a4c5106e9926c6685dff1169e6878f5f4688c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2xBStvuj_uUU_FMQMVHFnjXpc1YTCHhC
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 02:17:48 GMT
last-modified
Wed, 22 May 2024 05:37:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
74389
x-amz-server-side-encryption
AES256
etag
W/"c2b5e296018a77e32d95d1fb94c37ebd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
sPDaPGF8LumEE9Ic3dq4OZgwULIopBKHV_pihGxqP0qWihDOnBmllQ==
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ Frame 1A8F
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88991fff3945e3d7-TLV
active_engage_gate
marketingpro.sbtpg.com/api/client_zones/taxintimes/account/ Frame D972
1 KB
2 KB
Document
General
Full URL
https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Requested by
Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/vendor-fc4c0f4ad73b1e591be153e79357d1bcc3b6981af62fd086c0b2c1fb0ea201a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663d7fb53fb886538b05a26c9e74faed2d7c3cc8e39fdd343339774f52a4a76e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
X-Platform
cache-control
must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
889920071f55e3d7-TLV
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:57:33 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
cloudflare
status
200 OK
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
df5bad16e9579959529ac074385dbeab
x-runtime
0.013582
x-ua-compatible
IE=Edge,chrome=1
place
www.google.com/maps/embed/v1/ Frame E57E
0
0
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyCE9OftC4I-tJbUqtItGI76CX87RY-h2aU&q=1939%20Goldsmith%20Lane%20suite%20143%2C%20Louisville%2C%20KY%2C%20USA}
Requested by
Host: d27yogw9sew6u9.cloudfront.net
URL: https://d27yogw9sew6u9.cloudfront.net/site/assets/application-ba69156b4b3496125a66f905d529b2adf8e9b9d58318edbca5a323579d907ef0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-lTtz3OYEBEe1NuOI2_u9Dg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1015
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-lTtz3OYEBEe1NuOI2_u9Dg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Sat, 25 May 2024 22:57:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
rum
marketingpro.sbtpg.com/cdn-cgi/ Frame D972
0
0

vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ Frame D972
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88991fff3945e3d7-TLV
rum
marketingpro.sbtpg.com/cdn-cgi/ Frame D972
0
37 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://marketingpro.sbtpg.com/api/client_zones/taxintimes/account/active_engage_gate
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 25 May 2024 22:57:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88992008eb2fe3d7-TLV
js
maps.googleapis.com/maps/api/ Frame 1A8F
245 KB
80 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCIsf7LgWftTLtCl-ZbAwY33O7R3PIjTZg&libraries=places&callback=initVGAMaps&language=en
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
b79618f368f75ff129d43633dbc172693b6146fac285e461bb13c3f4b0e73d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81679
x-xss-protection
0
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ Frame 1A8F
54 KB
19 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.235.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:56:42 GMT
content-encoding
gzip
age
51
x-guploader-uploadid
ABPtcPqu34FRKP_-dUQcNXOFA4zzyHsv37WkMkaXt8KiH8GitXqO_hHVxaVnjtdU1ctqrznJ36hnj8OpUA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18793
last-modified
Fri, 26 Apr 2024 20:55:25 GMT
server
UploadServer
etag
"699087d24603faf41a8ef844dd0c55d1"
vary
Accept-Encoding
x-goog-generation
1714164925156474
x-goog-hash
crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
18793
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 25 May 2024 23:06:42 GMT
PaymentsIndex.25a95489.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
495 B
1010 B
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentsIndex.25a95489.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca6221273db771ccd3d122b12e5d061835baa262b0a3487f10ee942147b4aa77

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gMtAElC3DeNg2.ZdSsDT8P3.i3ZgSW2w
date
Sat, 25 May 2024 09:36:08 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
48573
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
495
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
"9c25f491dc622010f62922bff3dcb87a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
kaAopb68zs-6v8EdkpC8-5_yDkWUpt_XvIQRnP_0UKrM68hlldh5cg==
PaymentEntityPage.78de5e0b.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
29 KB
8 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentEntityPage.78de5e0b.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f540547ccea33a76c8e462aec410980033f0370797c8bda7d57aa1cca1bcb10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uCmrx6dZx9bdtfS60k.TlCOMLxi9lcVZ
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 09:36:08 GMT
x-amz-cf-pop
FRA60-P4
age
62634
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
W/"6b386a92939b66068313e83ba707db73"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
ZZECHvxqxZdi9R-bVHTIjNQ6UUj0nenGnKRPR7mwp94XHDlLeq3lcA==
PaymentEntityPage.5e8bcdad.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
12 KB
3 KB
Stylesheet
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentEntityPage.5e8bcdad.css
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e8bcdad84514cbe44ed8613860b34381ff7b709a081e5d10f181f4237c26100

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Eys4PmBqKeSgLtRew5XHUuzMNS8qsp_i
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 11:57:30 GMT
x-amz-cf-pop
FRA60-P4
age
40040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:20 GMT
server
AmazonS3
etag
W/"cb9f6dc49a66c4f4e726db3ff6cc509c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
r-9J8caOHj4no2zUeValt0BIsXmGj_H-32XwIyAFXne3YJm7cObCXw==
PaymentItemsList.a7a9bf12.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
10 KB
3 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentItemsList.a7a9bf12.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f864fc84c113582585836fc1fa4d02fce47b55bcc0e99505b468ff22d1da7da6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 05:54:34 GMT
x-amz-version-id
bBWcBRzWbqd65YWQT6x8PyXm.hTVhiMh
content-encoding
br
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
61380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
W/"8219d0a009b95e0b0a340e60f079f0ab"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
Edhu3t6X9je-25ZH9d8pHf1SixcpMrBnU_0nsc5s93mLZu7vI_FS3A==
PaymentItemsList.8c9a08f0.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
4 KB
1 KB
Stylesheet
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/PaymentItemsList.8c9a08f0.css
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c9a08f02ab665a5372933bdb2e368fd8e40c128bb611c0d83eea1a7f88fe7d4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
z.Ufo7i243DSzPGmY4gszNWFBLIrv6Hm
content-encoding
br
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 05:43:06 GMT
x-amz-cf-pop
FRA60-P4
age
62478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
W/"2e83c2bdfd68693015758c9756f8fbbe"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
1iFFiVahpUC_ixbifmaOTXlVNUW5JvECJHA_8i_qLArKQPYiGNNU1w==
paymentsTexts.73332705.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
703 B
1 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/paymentsTexts.73332705.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dae9d74af9c878c2b195433eb3e48204cfb3805b2d4df9d2a7eebc7c8be0d9da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
33drfxFE0V4ZeW1YtMRN3_wH._jrCJ.Q
date
Sat, 25 May 2024 09:36:09 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
48572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
703
last-modified
Wed, 22 May 2024 05:37:23 GMT
server
AmazonS3
etag
"abc203837e585915e2aeacc31c8b5996"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
pmCDkKLT5AadIvnDxRG2lVZdwsDd1IJYJUjdrOfDR_dpxjoKQPFvVw==
SignatureDialog.1c6be3b6.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
15 KB
6 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/SignatureDialog.1c6be3b6.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca1308bfa147ac44071aa3b44f441469ba5d354eb830433047a6eebd604b0358

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
V5VBOGP8uJTUKktp_rDY6kczydXAtkbH
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 05:43:10 GMT
x-amz-cf-pop
FRA60-P4
age
62583
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
W/"8fc1710c6ea8a0afad30ce78d7e1291e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
xrMQ1X5c4JbwgHEYv4EfX6qaQ4Z0y6vq5L-qCWBTBG4m7LSUNU6yZg==
SignatureDialog.689f524d.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
3 KB
1 KB
Stylesheet
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/SignatureDialog.689f524d.css
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
689f524d4be8c3c81edf98d288ee03455f0965e87900216dc11d68f9fadfd476

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
8emlUc785Tm75MLhvkqR4XkXiU1GRji2
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 09:24:58 GMT
x-amz-cf-pop
FRA60-P4
age
48807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:21 GMT
server
AmazonS3
etag
W/"5c9d5d6a6c11070c7e731276e938ef05"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
nFLMR9yApVRy6flkLVmzc4SISqwzzwZh3yYjzspTVByl44tUI6nNlg==
CheckoutSummary.dbafce32.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
5 KB
2 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/CheckoutSummary.dbafce32.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b1965a4af4214d5e854c2cb673f7f242107a42e9c45b6321f2f7a72396acba7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
63gWR8MnLyXuMiBk0XBMjE9Fm_nqY_3c
content-encoding
br
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 05:40:14 GMT
x-amz-cf-pop
FRA60-P4
age
62483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:19 GMT
server
AmazonS3
etag
W/"863ae7795382b48b9f267c8da1f07841"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
owjvgs69HsZGe7RjzZgCluQi4Z1_Rw-oxXtbbeGjYqHiduRMjPfUWQ==
CheckoutSummary.44b474b5.css
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
3 KB
1 KB
Stylesheet
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/CheckoutSummary.44b474b5.css
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44b474b58771059cc9ff9f5bc53c1acb7eb156e930c1775139301f79ab22d426

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Cw_cI4xDqMzEKVR7BcXmYIlyeQ0K1TLB
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 09:36:01 GMT
x-amz-cf-pop
FRA60-P4
age
60989
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:19 GMT
server
AmazonS3
etag
W/"1413abb68a9afeebb85281abf31e8bda"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
lsaL1vBONj6KXx8An1fZFfupxMxX2xhiybv91gCAdHD1GxO4UR5p2Q==
large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/ Frame 1A8F
9 KB
0
Image
General
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/vueComponentNormalizer.3afe50b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.202.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-202-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4515818def64bccd5c740dadb1967b2a8672b4e2210fae126d15fb3f8ae11f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 22:57:32 GMT
Last-Modified
Tue, 17 Jan 2023 14:46:10 GMT
ETag
01c1ffd16de0b2e30d432087b48ea11c
Content-Type
image/png
X-Timestamp
1673966769.58302
Cache-Control
public, max-age=259167
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8753
X-Trans-Id
tx2470d78d5dd340b88c426-0066526cdcord1
Expires
Tue, 28 May 2024 22:56:59 GMT
virtual_pwa-register.0a786055.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
1 KB
1 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.0a786055.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0902768e99e4a36fc526019ad4004798705ba524702116a1764aca52db3373e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SCdxuPC0zttHYv8pOJiFDeA39II63UM.
content-encoding
br
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 05:37:36 GMT
x-amz-cf-pop
FRA60-P4
age
62560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 05:37:23 GMT
server
AmazonS3
etag
W/"086c2d137085eaea86c8c091868ebaa1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
nx8CAN37i-b5aDMEElvy2r4wEbQeGBVg6luGKXIWMlpv37AU5wYWvQ==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame CD1F
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-112.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://marketingpro.sbtpg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1203
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 22:37:32 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 21 May 2024 20:20:06 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
P2zxfl02o9j59gE1mwE2-_fvo5lV3iq_VOpMdILn8gViSzlejZX5eg==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
main.js
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame B4F9
Redirect Chain
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
0
Script
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b36c2b144d2d9bdafa22a6a0a68a625d0e4889426bab5201df53b0ae89cedf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 25 May 2024 22:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
889920014cb1e3d7-TLV

Redirect headers

date
Sat, 25 May 2024 22:57:32 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
889920001acde3d7-TLV
content-length
0
unnamed_icui9v
res.cloudinary.com/livesite/image/upload/c_fill,w_1024/v1/LivesiteImages/j2jmai7zyqo3xx69/cover/ Frame 1A8F
169 KB
169 KB
Image
General
Full URL
https://res.cloudinary.com/livesite/image/upload/c_fill,w_1024/v1/LivesiteImages/j2jmai7zyqo3xx69/cover/unnamed_icui9v
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.166.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fb99ed2cc9746df5df956c0cd2cdac5809264cdccafb68de6b5b50e6ee1369
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:34 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=588;start=2024-05-25T22:57:33.929Z;desc=miss,content-info;desc="width=1024,height=768,owidth=960,oheight=720,obytes=153680;";cloudinary;dur=19;start=2024-05-25T22:57:34.192Z
content-length
172852
last-modified
Tue, 17 Jan 2023 20:45:19 GMT
server
cloudflare
etag
"10b9bf0cf11d32292c1423d23249179f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
8899200b0d6be3db-TLV
timing-allow-origin
*
fa-solid-900.f350c708.woff2
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
321 KB
322 KB
Font
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/fa-solid-900.f350c708.woff2
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yBfoCt0jPJTt6JIDhI2Cq9KEpel1ghYc
date
Sat, 25 May 2024 06:56:25 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
63679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
329204
last-modified
Wed, 22 May 2024 05:37:22 GMT
server
AmazonS3
etag
"6ebcf9f18ded9c54f71ec1198c32aa52"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LJ_wfXCNTSYvUWlkgIxVvN4l-dXBK-Mb__olhlWC30WP0pp7pEePCg==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 1A8F
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 03:04:57 GMT
x-content-type-options
nosniff
age
244357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 03:04:57 GMT
icomoon.08c372d2.woff
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
65 KB
66 KB
Font
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/icomoon.08c372d2.woff?-rdmvgd
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08c372d2f393302ad0795615edd7bec4cb5dbc3bd6bc58b456eb687d062d35c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
29QD.mAEixjdcn3AdBdiK8wkr6Tp0qJp
date
Sat, 25 May 2024 11:10:44 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
42648
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
66520
last-modified
Wed, 22 May 2024 05:37:23 GMT
server
AmazonS3
etag
"e87aeaf4bd38138f7bf3c3e28dc19979"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
vRiQlAN0mz5iwEr-BCOND_chSPVuBN2MscmAxUMVMz9DWAZ2qImidg==
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 1A8F
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:42:19 GMT
x-content-type-options
nosniff
age
245715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:42:19 GMT
889920033827e3d7
marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B4F9
0
298 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/h/b/jsd/r/889920033827e3d7
Requested by
Host: marketingpro.sbtpg.com
URL: https://marketingpro.sbtpg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 May 2024 22:57:34 GMT
server
cloudflare
cf-ray
8899200bd8b2e3d7-TLV
content-length
0
content-type
text/plain; charset=UTF-8
client
api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/ Frame 1A8F
675 B
1 KB
XHR
General
Full URL
https://api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/client?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c3cdc9e1fe427ad90b747a54d1feb6dd6022891f1d1e818d6529aca1dafded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-XSRF-TOKEN
IeWF1BF1lnQwKgNd/MPJgypxqjdrgOtwReRRZYpN4+bWsfOHPS77hf2EJO6tj+UloT0C5EMZUuWzOwnRuV55tA==
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-platform
true
x-xss-protection
1; mode=block
x-request-id
8ed55d35892859c1f6df36d5d082acc4
x-runtime
0.022986
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"02c3cdc9e1fe427ad90b747a54d1feb6"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
889920110c18e3c7-TLV
vary
Origin
client
api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/ Frame
0
0
Preflight
General
Full URL
https://api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/client?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-xsrf-token
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-xsrf-token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
8899200cf8e2e3db-TLV
content-encoding
gzip
content-type
text/plain; charset=utf-8
date
Sat, 25 May 2024 22:57:34 GMT
server
cloudflare
x-platform
true
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 1A8F
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
workbox-window.prod.es5.fb541039.js
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
5 KB
3 KB
Script
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/workbox-window.prod.es5.fb541039.js
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.0a786055.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688aac7001b9cf8483f8ecff49f1d2a7581998e2a9c794d6fb3aca2752552535

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://djbvmk5k5vh9e.cloudfront.net/assets/virtual_pwa-register.0a786055.js
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
W0.Y5vh5JNGRlPk7HPgKzRetTHKLU3SF
content-encoding
br
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Sat, 25 May 2024 01:56:29 GMT
x-amz-cf-pop
FRA60-P4
age
75666
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 May 2024 10:18:05 GMT
server
AmazonS3
etag
W/"610abee1f0a0cf28ec9ee1ecc816323a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
15ICOiOgO9hsAEu8sV9_O0b0fXxZ5NC-n3Wx8LxqFIZrT56brX7acg==
rum
marketingpro.sbtpg.com/cdn-cgi/ Frame 1A8F
0
37 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/rum?
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 25 May 2024 22:57:34 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88992010b9c3e3d7-TLV
rum
marketingpro.sbtpg.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://marketingpro.sbtpg.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 25 May 2024 22:57:34 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88992010b9c9e3d7-TLV
large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/
9 KB
0
Other
General
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/959459/large_kw59usnxbn8kn82bk00e0hek2lqcxsmf.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.202.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-202-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4515818def64bccd5c740dadb1967b2a8672b4e2210fae126d15fb3f8ae11f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 22:57:32 GMT
Last-Modified
Tue, 17 Jan 2023 14:46:10 GMT
ETag
01c1ffd16de0b2e30d432087b48ea11c
Content-Type
image/png
X-Timestamp
1673966769.58302
Cache-Control
public, max-age=259167
Accept-Ranges
bytes
Content-Length
8753
X-Trans-Id
tx2470d78d5dd340b88c426-0066526cdcord1
Expires
Tue, 28 May 2024 22:56:59 GMT
cards
api2.vcita.com/platform/v1/clients/payment/ Frame
0
0
Preflight
General
Full URL
https://api2.vcita.com/platform/v1/clients/payment/cards?business_id=j2jmai7zyqo3xx69&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-xsrf-token
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-xsrf-token
access-control-allow-methods
GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
889920148f60e3db-TLV
content-encoding
gzip
content-type
text/plain; charset=utf-8
date
Sat, 25 May 2024 22:57:35 GMT
server
cloudflare
x-platform
true
relations
api.vcita.biz/client/docuforms/v1/ Frame
0
0
Preflight
General
Full URL
https://api.vcita.biz/client/docuforms/v1/relations?filter[entity_type]=estimate&filter[entity_uid]=mnc3m9rufx4voq8d&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
X-Platform
cf-cache-status
DYNAMIC
cf-ray
889920158961e3d3-TLV
date
Sat, 25 May 2024 22:57:36 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-platform
true
mnc3m9rufx4voq8d
api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/estimates/ Frame
0
0
Preflight
General
Full URL
https://api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/estimates/mnc3m9rufx4voq8d?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-xsrf-token
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-xsrf-token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
88992014af9be3db-TLV
content-encoding
gzip
content-type
text/plain; charset=utf-8
date
Sat, 25 May 2024 22:57:35 GMT
server
cloudflare
x-platform
true
cards
api2.vcita.com/platform/v1/clients/payment/ Frame 1A8F
35 B
244 B
XHR
General
Full URL
https://api2.vcita.com/platform/v1/clients/payment/cards?business_id=j2jmai7zyqo3xx69&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45bb9471239379b5d4f90ec8f894daf924dbb44c9e5084ddcee7eb6dec6fdbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-XSRF-TOKEN
IeWF1BF1lnQwKgNd/MPJgypxqjdrgOtwReRRZYpN4+bWsfOHPS77hf2EJO6tj+UloT0C5EMZUuWzOwnRuV55tA==
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-platform
true
x-xss-protection
1; mode=block
x-request-id
c6137246db4553827e5160ef21992205
x-runtime
0.011964
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"45bb9471239379b5d4f90ec8f894daf9"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, DELETE, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
88992017f9eae3c7-TLV
vary
Origin
relations
api.vcita.biz/client/docuforms/v1/ Frame 1A8F
395 B
749 B
XHR
General
Full URL
https://api.vcita.biz/client/docuforms/v1/relations?filter[entity_type]=estimate&filter[entity_uid]=mnc3m9rufx4voq8d&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
90b785e9e7467a46c6b69bb7c3241664632af3d261cdfb683c8d5ba651f32f85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
gEJj9KLPD2sh6FoXxIhDqjThhCCyUE8e
date
Sat, 25 May 2024 22:57:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"18b-SwCdnc8wi3wg93Wk+9hQcLXy3JE"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Platform
x-platform
true
cf-ray
88992018ef8be3d3-TLV
mnc3m9rufx4voq8d
api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/estimates/ Frame 1A8F
3 KB
1 KB
XHR
General
Full URL
https://api2.vcita.com/client_api/v1/portals/j2jmai7zyqo3xx69/estimates/mnc3m9rufx4voq8d?o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f73608b0c7e636a6d4ef25d8291368fe0718833907494cd34de62d453b76550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-XSRF-TOKEN
IeWF1BF1lnQwKgNd/MPJgypxqjdrgOtwReRRZYpN4+bWsfOHPS77hf2EJO6tj+UloT0C5EMZUuWzOwnRuV55tA==
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-platform
true
x-xss-protection
1; mode=block
x-request-id
de7d9d2a7299efa156b912a4a83bdcd9
x-runtime
0.032108
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4f73608b0c7e636a6d4ef25d8291368f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
889920161e72e3c7-TLV
vary
Origin
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 1A8F
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:16:35 GMT
x-content-type-options
nosniff
age
45660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 10:16:35 GMT
fa-regular-400.121b1769.woff2
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
380 KB
381 KB
Font
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/fa-regular-400.121b1769.woff2
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CqvoDn5G8icCvDUL8EZU1e3GLgRq9_oe
date
Sat, 25 May 2024 07:03:12 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
57446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
388900
last-modified
Wed, 22 May 2024 05:37:22 GMT
server
AmazonS3
etag
"a927362a975051e5d7361d860d8ffba7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
xCdPvP2plcJxAUnQ7iEF9KgVO6wfmLtRD_o5-mKfDRvPBG3neC9iFA==
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 1A8F
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:51:06 GMT
x-content-type-options
nosniff
age
245189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:51:06 GMT
deposits
api2.vcita.com/client/payments/v1/ Frame
0
0
Preflight
General
Full URL
https://api2.vcita.com/client/payments/v1/deposits?filter[entity_type][in]=Estimate&filter[entity_uid][eq]=mnc3m9rufx4voq8d&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-xsrf-token
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-xsrf-token
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
889920180dc0e3db-TLV
content-encoding
gzip
content-type
text/plain; charset=utf-8
date
Sat, 25 May 2024 22:57:36 GMT
server
cloudflare
x-platform
true
MaterialIcons-Regular.0c9a3f7f.woff2
djbvmk5k5vh9e.cloudfront.net/assets/ Frame 1A8F
59 KB
60 KB
Font
General
Full URL
https://djbvmk5k5vh9e.cloudfront.net/assets/MaterialIcons-Regular.0c9a3f7f.woff2
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://djbvmk5k5vh9e.cloudfront.net/assets/index.a96c19c0.css
Origin
https://marketingpro.sbtpg.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 06:34:33 GMT
x-amz-version-id
w7RWHUwsPVys_CXyqmPtQNh3B5vlNXj3
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
58984
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
60840
last-modified
Wed, 22 May 2024 05:37:20 GMT
server
AmazonS3
etag
"0509ab09c1b0d2200a4135803c91d6ce"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
3Qc71Nu2hz8dF35CnCEpuzIiV2FeyrqqhO7Ll01fDpWFPsyXHGMQmA==
deposits
api2.vcita.com/client/payments/v1/ Frame 1A8F
39 B
224 B
XHR
General
Full URL
https://api2.vcita.com/client/payments/v1/deposits?filter[entity_type][in]=Estimate&filter[entity_uid][eq]=mnc3m9rufx4voq8d&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50547262cf95b91ffc8ca340521f60468e7e5ca9bbc96ec62af6d23cfee62041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-XSRF-TOKEN
IeWF1BF1lnQwKgNd/MPJgypxqjdrgOtwReRRZYpN4+bWsfOHPS77hf2EJO6tj+UloT0C5EMZUuWzOwnRuV55tA==
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-platform
true
x-xss-protection
1; mode=block
x-request-id
3782e0549752447beaeedf6cbaa7d2f1
x-runtime
0.015385
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50547262cf95b91ffc8ca340521f6046"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://marketingpro.sbtpg.com
access-control-expose-headers
X-Platform
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
889920196cd3e3c7-TLV
vary
Origin
signatures
api.vcita.biz/client/signatures/v1/ Frame 1A8F
677 B
931 B
XHR
General
Full URL
https://api.vcita.biz/client/signatures/v1/signatures?filter[entity_type][eq]=estimate&filter[entity_uid][eq]=mnc3m9rufx4voq8d&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4ab46913d37d0828260aa58a24e3980583afad77a6e2fc9b4d9a2bf81f855ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
d8GNvTkQ9455jFDa8BLSiaSG6G1MU7zy
date
Sat, 25 May 2024 22:57:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"2a5-bkqiL2ZplnwITNDOG8zH/zVPRyw"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Platform
x-platform
true
cf-ray
8899201b5c1ee3d3-TLV
signatures
api.vcita.biz/client/signatures/v1/ Frame
0
0
Preflight
General
Full URL
https://api.vcita.biz/client/signatures/v1/signatures?filter[entity_type][eq]=estimate&filter[entity_uid][eq]=mnc3m9rufx4voq8d&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&matter_uid=9jm7nizj811jitu3&business_uid=j2jmai7zyqo3xx69&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
X-Platform
cf-cache-status
DYNAMIC
cf-ray
889920180da8e3d3-TLV
date
Sat, 25 May 2024 22:57:36 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-platform
true
fkcnxs3d08pueqbr
api.vcita.biz/client/docuforms/v1/activities/ Frame
0
0
Preflight
General
Full URL
https://api.vcita.biz/client/docuforms/v1/activities/fkcnxs3d08pueqbr?business_uid=j2jmai7zyqo3xx69&matter_uid=9jm7nizj811jitu3&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
X-Platform
cf-cache-status
DYNAMIC
cf-ray
8899201a7a80e3d3-TLV
date
Sat, 25 May 2024 22:57:36 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-platform
true
fkcnxs3d08pueqbr
api.vcita.biz/client/docuforms/v1/activities/ Frame 1A8F
941 B
972 B
XHR
General
Full URL
https://api.vcita.biz/client/docuforms/v1/activities/fkcnxs3d08pueqbr?business_uid=j2jmai7zyqo3xx69&matter_uid=9jm7nizj811jitu3&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3cc5539d5e09dfba37e40486d67e27649b5d32a6b14f46eee4598af75738d904

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
3i6mIyA6AHYlyEqNd82g1TxvpZQDm8Zq
date
Sat, 25 May 2024 22:57:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"3ad-mUjHiKToBxDXSuHkYjeJuE5t6Kk"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Platform
x-platform
true
cf-ray
8899201bfd54e3d3-TLV
estimate-mnc3m9rufx4voq8d.png
s3.us-east-1.amazonaws.com/vcita-signatures-prod/ Frame 1A8F
33 KB
33 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/vcita-signatures-prod/estimate-mnc3m9rufx4voq8d.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIASWB2SUO26TVEGJUJ%2F20240525%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240525T225736Z&X-Amz-Expires=3600&X-Amz-Signature=08759d08f305ca5cd08e112c17f2c6a3714634fea481d750d46d549596d4626c&X-Amz-SignedHeaders=host&x-id=GetObject
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.213.240 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec5de7694c6fb9cc1ba808c200cf14f7b3a8508d1d5d0518c403514a554806c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 22:57:38 GMT
Content-Encoding
base64
x-amz-version-id
OkPbaBacoJ1WGMEQousHoKcQJeFxKW.j
Last-Modified
Mon, 15 Apr 2024 14:36:33 GMT
Server
AmazonS3
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:184806450101:key/a5408fee-1bce-4dd1-8489-68cdd91c15a2
x-amz-request-id
KYSCRX4KW74AWJ59
ETag
"c5b1801684d1449d730e8ff184c25840"
x-amz-server-side-encryption
aws:kms
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
33367
x-amz-id-2
QjRigyHUzaYTTSdFc46hf7nC5rYvmY9WY+oyWXzKL0Zan3pKJz9pSiyiD2xQQDEjlp+YntelMyc=
x-amz-server-side-encryption-bucket-key-enabled
true
icons.cd50d585.svg
marketingpro.sbtpg.com/portal/assets/ Frame 1A8F
270 KB
77 KB
Other
General
Full URL
https://marketingpro.sbtpg.com/portal/assets/icons.cd50d585.svg
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/vueComponentNormalizer.3afe50b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd50d585da883cfd5e64e8c0759a335ea99a53f4a2d17f355d93b560ad5452d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://marketingpro.sbtpg.com/portal/j2jmai7zyqo3xx69
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:57:37 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 22 May 2024 05:18:02 GMT
server
cloudflare
x-powered-by
Express
etag
W/"436e0-18f9ebc2710"
x-platform
true
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
X-Platform
cache-control
public, max-age=14400
cf-ray
8899201d9c2ae3d7-TLV
expires
Sun, 26 May 2024 02:57:37 GMT
6i774icy00vgl3vx
api.vcita.biz/client/docuforms/v1/activities/ Frame 1A8F
945 B
1 KB
XHR
General
Full URL
https://api.vcita.biz/client/docuforms/v1/activities/6i774icy00vgl3vx?business_uid=j2jmai7zyqo3xx69&matter_uid=9jm7nizj811jitu3&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Requested by
Host: djbvmk5k5vh9e.cloudfront.net
URL: https://djbvmk5k5vh9e.cloudfront.net/assets/index.668a29e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b335ffd010599027ea75122150be49c6eced360c86c6c0cb1d9ec17b3d52a716

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbnRpdHlfdWlkIjoiYm44NXQwNWU3a2xsYmx2ZCIsImV4dHJhIjp7ImJ1c2luZXNzX3VpZCI6Imoyam1haTd6eXFvM3h4NjkifSwiZXhwIjoxNzE2NjkyMjUyLCJ0eXBlIjoiY2xpZW50IiwianRpIjoiYWRiNzRjZDk5YzU0NTJiODYxYzk2NjFiOTM2YjE3OTJkZWE4NTFmMTljNzk3ZTI2MGYxMDljOTM0MDI4MTEyYSJ9.Xk-Hs5PnS75ZJwU1JNt6SgWphT_ymbkjFpjXXh46IFM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://marketingpro.sbtpg.com/
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
Qr2x5IYHi4aNRKD8nfOPNR0VtP29CR9N
date
Sat, 25 May 2024 22:57:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"3b1-J+YPYDOFO5PSTlNn7TUQKzt3TsY"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Platform
x-platform
true
cf-ray
8899201efaede3d3-TLV
6i774icy00vgl3vx
api.vcita.biz/client/docuforms/v1/activities/ Frame
0
0
Preflight
General
Full URL
https://api.vcita.biz/client/docuforms/v1/activities/6i774icy00vgl3vx?business_uid=j2jmai7zyqo3xx69&matter_uid=9jm7nizj811jitu3&o=YXV0b21hdGljX21lc3NhZ2Vz&s=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&vtm_ch=ZW1haWw%253D&vtm_cp=cmVxdWVzdA%253D%253D&isMixpanelStatistic=false&source_name=YXV0b21hdGljX21lc3NhZ2Vz&source_url=https:%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Fo%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26isWidget%3Dfalse%26from_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26pay%3Dfalse&source_campaign=cmVxdWVzdA%253D%253D&campaign=cmVxdWVzdA%253D%253D&source_channel=ZW1haWw%253D&channel=ZW1haWw%253D&portal_id=j2jmai7zyqo3xx69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://marketingpro.sbtpg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
X-Platform
cf-cache-status
DYNAMIC
cf-ray
8899201d9835e3d3-TLV
date
Sat, 25 May 2024 22:57:37 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-platform
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
marketingpro.sbtpg.com
URL
https://marketingpro.sbtpg.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| liveSiteAsyncInit object| mod object| ngFileUpload function| $ function| jQuery object| angular function| moment object| ngMaterial function| _ object| angulartics object| showdown object| cloudinary object| app_config object| LiveSite object| __cfBeacon undefined| lsParam undefined| custom_param_1 undefined| custom_param_2 undefined| custom_param_3 undefined| custom_param_4 undefined| custom_param_5 object| utm_params object| params

13 Cookies

Domain/Path Name / Value
marketingpro.sbtpg.com/ Name: XSRF-TOKEN
Value: IeWF1BF1lnQwKgNd%2FMPJgypxqjdrgOtwReRRZYpN4%2BbWsfOHPS77hf2EJO6tj%2BUloT0C5EMZUuWzOwnRuV55tA%3D%3D
.sbtpg.com/ Name: ____vcita_session_v6
Value: HSaMHQ5YvwKu3x8KiU9O3kj94h8LW51iEPvFdK9G2XJJEyY4ucqPBwRBEbzHXx30%2BzV4gtbNrGTS2ihRBAhn4b18kuvYYcF3sGhNQ15r4BQ0XwMUBVV7vU4TJH828Q0VwpjzClclmJesLGNo6K2IrCx%2BBTM2Zu5jApCXg%2BODDTDxg1d1i0r%2BgTgHo%2FS1mm4xzRN8sJcQEB8lhN3urY3Po3Ykq%2FAGgXkiHPruvr5zqDTSHuNB%2BggRSmhYgVXH91kg0wawyeS0Stdfg0Ix3IYLEtipg37MX%2Bk3MA%3D%3D--J0x42RGjILf1lPpr--rm6KroY%2FHndJmUPTUzcyUA%3D%3D
marketingpro.sbtpg.com/ Name: source_referrer
Value: https%3A%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26pay%3Dfalse
.sbtpg.com/ Name: ____vcita_session
Value: BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiJTcxM2YyN2E0ZTJjYTA0NDYxYzYwYThiMjY3MzIzNTdjBjsAVEkiIXdhcmRlbi51c2VyLnpvbmVfMjAxNzk4OS5rZXkGOwBUWwhpBI2xWQlpA8XKHkkiJTIxNzFiMGNjNmY0YzVlNmM4ZDdiYzViZmQxYTY5OTA5BjsARkkiEF9jc3JmX3Rva2VuBjsARkkiMTkxUjJVeXhiYmZITnJpZXpVVXdzcG90TXFOTW9tYm1WOXQ5WXRETVRtbEk9BjsARkkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIgI7AWh0dHBzOi8vbWFya2V0aW5ncHJvLnNidHBnLmNvbS9zaXRlL3RheGludGltZXMvYWN0aW9uP2Zyb21fZW1haWw9dHJ1ZSZyZXF1ZXN0ZWRfcGF0aD0lMkZlc3RpbWF0ZXMlMkZtbmMzbTlydWZ4NHZvcThkJmVuZ2FnZW1lbnQ9OWptN25pemo4MTFqaXR1MyZtYXR0ZXJfdWlkPTlqbTduaXpqODExaml0dTMmZmxvdz1FbWFpbF9BY3Rpb24mZmxvd19vcmlnaW49cmVxdWVzdCZmbG93X2FjdGlvbj12aWV3X2VzdGltYXRlJm89WVhWMGIyMWhkR2xqWDIxbGMzTmhaMlZ6JnZ0bV9jaD1aVzFoYVd3JTNEJnZ0bV9jcD1jbVZ4ZFdWemRBJTNEJTNEJnBheT1mYWxzZQY7AEY%3D--ebbed9324cff4a6802ace998691dc93fb1daabaa
.sbtpg.com/ Name: mp_814301bcd06305ef3bd8af57d3a0ab31_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18fb1f9438159b-00d0843f899c01-26001c51-1d4c00-18fb1f9438159b%22%2C%22%24device_id%22%3A%20%2218fb1f9438159b-00d0843f899c01-26001c51-1d4c00-18fb1f9438159b%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26pay%3Dfalse%22%2C%22%24initial_referring_domain%22%3A%20%22marketingpro.sbtpg.com%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fmarketingpro.sbtpg.com%2Fsite%2Ftaxintimes%2Faction%3Ffrom_email%3Dtrue%26requested_path%3D%252Festimates%252Fmnc3m9rufx4voq8d%26engagement%3D9jm7nizj811jitu3%26matter_uid%3D9jm7nizj811jitu3%26flow%3DEmail_Action%26flow_origin%3Drequest%26flow_action%3Dview_estimate%26o%3DYXV0b21hdGljX21lc3NhZ2Vz%26vtm_ch%3DZW1haWw%253D%26vtm_cp%3DcmVxdWVzdA%253D%253D%26pay%3Dfalse%22%2C%22%24initial_referring_domain%22%3A%20%22marketingpro.sbtpg.com%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.marketingpro.sbtpg.com/ Name: cf_clearance
Value: BarVnfh_CITG6pqTnpsTjfNZ4kyIqEenZq6bKexO_iY-1716677854-1.0.1.1-7MWp6sucJ.q2OIEr9482cEVg7NbOmWwadz2RMGECz1YUbfu8gaxTWVzxsCAN7SlQRcUhYxUzpwB1EmLaJ.sHow
.marketingpro.sbtpg.com/ Name: __cf_bm
Value: 0DtcNeRZ7oV_lYybMShwKdaow0ftPRO1E2cOuyoLH1k-1716677854-1.0.1.1-1QjsOp1s_6Oi9FZHvWz_qyOuZcSdx.S_9XGhpDtz9SRzjpX_RjNP.kRDMTRZf1QqbJHQaYA98yggkIcGj3aeUyEpapmrN9pMRLsf27U9ePE
.marketingpro.sbtpg.com/ Name: _cfuvid
Value: BEnJbtQs8HFTc7RFEjqQ0Z0.6HtN1YjuQM7gdDsZavA-1716677854695-0.0.1.1-604800000
.vcita.com/ Name: __cf_bm
Value: KXPGhpiRpE9iQSl27oNJfd9ALgbO7uQmDdQVmRAQMXE-1716677855-1.0.1.1-G52elryRi9dXZtE3XbKF.8iSwiRVpENaysJ49bRn8i1Udf66xC8qDhlUVlSCtiLjkszJY9jgbYde6947PikuRr97g5JE3eYWy_Q5LX8kXVE
.vcita.com/ Name: _cfuvid
Value: pYz58i1hU2WCKD9Aehwuc2ZlxmDGklbGRtutYkwNDbQ-1716677855369-0.0.1.1-604800000
m.stripe.com/ Name: m
Value: df87587b-b881-4ad7-a8e4-ab132abd169e4de089
.marketingpro.sbtpg.com/ Name: __stripe_mid
Value: 318c987e-2ec4-4ddc-b983-ef9e65f35cb89cc796
.marketingpro.sbtpg.com/ Name: __stripe_sid
Value: a8db04b9-9fc1-4e11-ab8d-7778ce7d3ac27a5e72

9 Console Messages

Source Level URL
Text
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://marketingpro.sbtpg.com/site/taxintimes/action?from_email=true&requested_path=%2Festimates%2Fmnc3m9rufx4voq8d&engagement=9jm7nizj811jitu3&matter_uid=9jm7nizj811jitu3&flow=Email_Action&flow_origin=request&flow_action=view_estimate&o=YXV0b21hdGljX21lc3NhZ2Vz&vtm_ch=ZW1haWw%3D&vtm_cp=cmVxdWVzdA%3D%3D&pay=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.vcita.biz
api2.vcita.com
c15117557.ssl.cf2.rackcdn.com
cdn.icomoon.io
cdn.mxpnl.com
clickme.myclients.email
d1azc1qln24ryf.cloudfront.net
d27yogw9sew6u9.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
djbvmk5k5vh9e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
maps.googleapis.com
marketingpro.sbtpg.com
res.cloudinary.com
s3.us-east-1.amazonaws.com
static.cloudflareinsights.com
www.google.com
marketingpro.sbtpg.com
104.16.80.73
104.18.27.3
104.18.7.170
104.19.166.65
108.138.24.162
13.32.121.112
13.32.121.13
13.33.158.46
138.199.37.227
142.250.184.234
142.250.185.131
142.250.186.42
143.204.98.18
172.217.18.100
18.245.62.85
18.66.147.58
23.212.202.218
35.186.235.23
52.216.213.240
02c3cdc9e1fe427ad90b747a54d1feb6dd6022891f1d1e818d6529aca1dafded
08101cc20aaced94ec971a4884789759979719f733bd1f381b91ad2b1909d74a
08c372d2f393302ad0795615edd7bec4cb5dbc3bd6bc58b456eb687d062d35c4
0902768e99e4a36fc526019ad4004798705ba524702116a1764aca52db3373e4
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
2c8352ddf516bf97f2cefd10041a447856f6e3e5dd29ac68fa615bfd152aad33
2f540547ccea33a76c8e462aec410980033f0370797c8bda7d57aa1cca1bcb10
3cc5539d5e09dfba37e40486d67e27649b5d32a6b14f46eee4598af75738d904
44b474b58771059cc9ff9f5bc53c1acb7eb156e930c1775139301f79ab22d426
45bb9471239379b5d4f90ec8f894daf924dbb44c9e5084ddcee7eb6dec6fdbe6
46ae47b566de2bed3d20b35e6781336004188f2f8ddf380d4e52fb6cc4ddae08
4986f2ad0e95dcad1c34a6a6b3b78eb526b56a71e735d13e9e6bbad72f12d809
4f73608b0c7e636a6d4ef25d8291368fe0718833907494cd34de62d453b76550
50547262cf95b91ffc8ca340521f60468e7e5ca9bbc96ec62af6d23cfee62041
58e93385632bc6150f8cd386c98e62eb8a63621a12d0d6a69c15219916dbb126
5e8bcdad84514cbe44ed8613860b34381ff7b709a081e5d10f181f4237c26100
663d7fb53fb886538b05a26c9e74faed2d7c3cc8e39fdd343339774f52a4a76e
66db31e541bc529c80120e6edfd1538ea376a8ad68d58e114f21b66466ce7896
688aac7001b9cf8483f8ecff49f1d2a7581998e2a9c794d6fb3aca2752552535
689f524d4be8c3c81edf98d288ee03455f0965e87900216dc11d68f9fadfd476
69fb99ed2cc9746df5df956c0cd2cdac5809264cdccafb68de6b5b50e6ee1369
70973ded0c5fce89c6fd4ac5440077e68158f374e5f01cd3f5738dcb9a135ef2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
88b36c2b144d2d9bdafa22a6a0a68a625d0e4889426bab5201df53b0ae89cedf
8c9a08f02ab665a5372933bdb2e368fd8e40c128bb611c0d83eea1a7f88fe7d4
8f450b669b7885c1b3fa5f61a0c4c5dc7ab673ed97eeadc626bdcdaf41ed0d68
90b785e9e7467a46c6b69bb7c3241664632af3d261cdfb683c8d5ba651f32f85
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
963ff49d71341f1f0ae31b9e6ae1077bcfbf6a6e5b628841b4e8c4a3bf69e5bf
9b1965a4af4214d5e854c2cb673f7f242107a42e9c45b6321f2f7a72396acba7
9d7b8f4fac61ab33ed4f14e0f9fe4dbdc98633267df1ea75add4bec949b6e8e6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a94e7220fbe1d9eb34b78c73ea3bf0f57cf4cbbdfef62e416ac8d312807d882d
a96c19c0d5b7566732a8aa0b837a4c5106e9926c6685dff1169e6878f5f4688c
b335ffd010599027ea75122150be49c6eced360c86c6c0cb1d9ec17b3d52a716
b6d4ec27c17cc6d79c39e2ad40a71ad95b19f6cf1f8ad7cf9ccb8c873db1b088
b79618f368f75ff129d43633dbc172693b6146fac285e461bb13c3f4b0e73d49
bdbf5910788c62244e3ff8b0ad8dc95f31dfda9d7f4a2ebb7b8a587ccb99972f
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
ca1308bfa147ac44071aa3b44f441469ba5d354eb830433047a6eebd604b0358
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6221273db771ccd3d122b12e5d061835baa262b0a3487f10ee942147b4aa77
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd50d585da883cfd5e64e8c0759a335ea99a53f4a2d17f355d93b560ad5452d8
ce54149f0970d002edcd023e803eefff082be47565bb877397e7bb6e8392208f
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d4515818def64bccd5c740dadb1967b2a8672b4e2210fae126d15fb3f8ae11f0
dae9d74af9c878c2b195433eb3e48204cfb3805b2d4df9d2a7eebc7c8be0d9da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99a0c301ded3af0ad3e5ccdee4d2977a9470a97c7fa506a4a296de6cf1126e4
ec5de7694c6fb9cc1ba808c200cf14f7b3a8508d1d5d0518c403514a554806c3
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f4ab46913d37d0828260aa58a24e3980583afad77a6e2fc9b4d9a2bf81f855ef
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f864fc84c113582585836fc1fa4d02fce47b55bcc0e99505b468ff22d1da7da6
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7