urlscan.io logo urlscan.io
SecurityTrails logo

order.capitavoucher.com.sg Open in urlscan Pro
18.155.68.60  Public Scan

Go To Rescan Add Verdict Report
URL: https://order.capitavoucher.com.sg/login
Submission Tags: falconsandbox
Submission: On February 23 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 18.155.68.60, located in United States and belongs to AMAZON-02, US. The main domain is order.capitavoucher.com.sg.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 21st 2022. Valid for: a year.
This is the only time order.capitavoucher.com.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18.155.68.60 16509 (AMAZON-02)
5 13.35.18.163 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
2 13.33.88.86 16509 (AMAZON-02)
1 54.38.211.230 16276 (OVH)
27 9
3    18.155.68.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-60.sin52.r.cloudfront.net
order.capitavoucher.com.sg
5    13.35.18.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-18-163.sin5.r.cloudfront.net
d1o7uku192uawx.cloudfront.net
1    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
2    2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2404:6800:4003:c04::93 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
8    2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    13.33.88.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-86.sin2.r.cloudfront.net
stage.woohoo.in
1    54.38.211.230 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip230.ip-54-38-211.eu
cdn.page-source.com
Apex Domain
Subdomains		 Transfer
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
573 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
52 KB
5 cloudfront.net
d1o7uku192uawx.cloudfront.net
338 KB
3 capitavoucher.com.sg
order.capitavoucher.com.sg
18 KB
2 woohoo.in
stage.woohoo.in
851 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
1 page-source.com
cdn.page-source.com — Cisco Umbrella Rank: 321342
143 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2232
660 B
27 8
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com d1o7uku192uawx.cloudfront.net
www.google.com
www.gstatic.com
5 d1o7uku192uawx.cloudfront.net order.capitavoucher.com.sg
d1o7uku192uawx.cloudfront.net
3 order.capitavoucher.com.sg order.capitavoucher.com.sg
d1o7uku192uawx.cloudfront.net
2 fonts.gstatic.com www.google.com
2 stage.woohoo.in order.capitavoucher.com.sg
2 www.googletagmanager.com d1o7uku192uawx.cloudfront.net
1 cdn.page-source.com
1 cdn.polyfill.io order.capitavoucher.com.sg
27 9

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
*.capitavoucher.com.sg
Entrust Certification Authority - L1K		 2022-05-21 -
2023-06-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.woohoo.in
Amazon RSA 2048 M02		 2023-02-20 -
2023-06-30		 4 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.page-source.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-15 -
2024-02-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://order.capitavoucher.com.sg/login
Frame ID: F9B14CC2BBCC21BC73194A5B35EDC239
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Frame ID: EC152C18738CA98C1546913E5F54C518
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
Frame ID: 6C9F87A0A26F9EBB342A0730651471E7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1834 kB
Transfer

3517 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
order.capitavoucher.com.sg/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.capitavoucher.com.sg/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-60.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
4fc006424cb7d8b3f9c4c27a0b906e526fe64d3b0d9aa9684616f342f3a7f170
Security Headers
Name Value
Content-Security-Policy default-src 'self';connect-src 'self' wss://*.zopim.com *.zopim.com *.zdassets.com *.cloudfront.net *.qubit.com *.woohoo.in *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' *.zopim.io *.zopim.com cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zopim.com *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.zopim.com *.cloudfront.net *.googleapis.com;font-src 'self' data: *.zopim.com *.cloudfront.net *.gstatic.com fonts.googleapis.com;media-src 'self' *.zopim.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0
content-encoding
gzip
content-security-policy
default-src 'self';connect-src 'self' wss://*.zopim.com *.zopim.com *.zdassets.com *.cloudfront.net *.qubit.com *.woohoo.in *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' *.zopim.io *.zopim.com cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zopim.com *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.zopim.com *.cloudfront.net *.googleapis.com;font-src 'self' data: *.zopim.com *.cloudfront.net *.gstatic.com fonts.googleapis.com;media-src 'self' *.zopim.com;
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 17:44:38 GMT
etag
W/"2f70-nq3zGR6YGlWIcagbmcX0embea0o"
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 33e34fa0e388cd08b1ada7f8b2f1654c.cloudfront.net (CloudFront)
x-amz-cf-id
YA8MlIHSICWSsy3h-XE9HFxbDyEF4FsCDo92G-kQ1PFGzyj_6M3tUA==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.3f15fe66bc61c250e3af.css
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/style/ 		321 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/style/styles.3f15fe66bc61c250e3af.css
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-163.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47c606f9bd775d440a8e994763bb32907615d55495abb40444bb65c4e9fa7aa4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 05:34:14 GMT
Content-Encoding
gzip
Via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Dec 2022 18:14:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
2463025
ETag
W/"b5d93457187c0f952d11a0cbaa760fc9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
X-Cache
Hit from cloudfront
Cache-Control
max-age=2628000
Connection
keep-alive
X-Amz-Cf-Id
u8qLCGvUj_5WEunhVidoZfJnqdghS3SCxGHGZNgPto4pjU9xxy2mnQ==
polyfill.min.js
cdn.polyfill.io/v3/ 		101 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,Array.prototype.includes,Array.prototype.entries
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 17:44:39 GMT
age
100373
detected-user-agent
Chrome Mobile/110.0.0
useragent_normaliser
chrome/110.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/110.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
default.vendors~client.973c601eb9ebc037d037.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		581 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.vendors~client.973c601eb9ebc037d037.js
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-163.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12327413788e681934abd8d691a879d8d2a2e982493f94231822383985f4b4a5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 22:39:01 GMT
Content-Encoding
gzip
Via
1.1 dc82e67c3cbbf5963a8de3bcf19baccc.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Jan 2023 16:58:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
1969538
ETag
W/"a3d0cf2bfaf6d60c828b61a36783df40"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Cache
Hit from cloudfront
Cache-Control
max-age=2628000
Connection
keep-alive
X-Amz-Cf-Id
bzH8QLb2u6-GLaFYXMjFxzeIHDa9MzOHReEocKv8lvMnUuhWv80VeA==
default.client.cab10e29600e59797ef9.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		164 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.cab10e29600e59797ef9.js
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-163.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82e4e1f731b6628fc2d005afb116263ebf45687a85e8645cf83f871ccc1ccf96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 23:28:56 GMT
Content-Encoding
gzip
Via
1.1 47f0d09d9d5d7d899c2e467cfbfb08e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN5-C1
Age
1361742
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 07 Feb 2023 16:23:27 GMT
Server
AmazonS3
ETag
W/"e79643ad1d8149874e61a3d6f571c9ce"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2628000
X-Amz-Cf-Id
2J2Fx-LQfs00d0RjJms6bpRoXHEpvurhtK_V9fksVtGQkcuIIpQsxA==
default.styles.539ce3eca90504c1f7b4.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		8 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.styles.539ce3eca90504c1f7b4.js
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-163.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fedc7deb11103f0e32c599456406abea829357a6f0250c84fbcb950beca419f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 22:39:01 GMT
Content-Encoding
gzip
Via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Jan 2023 16:58:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
1969538
ETag
W/"d6714cb1d400e7ea00e0d161618fc847"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Cache
Hit from cloudfront
Cache-Control
max-age=2628000
Connection
keep-alive
X-Amz-Cf-Id
45lRzNovaOCwv2b-YomYiE1s75aZQEei6VgIAvkd4hbVE3W2uwFe0Q==
default.js
order.capitavoucher.com.sg/js/ 		721 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.capitavoucher.com.sg/js/default.js
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-60.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3d738368f4022ffa3f34668a5bd032f524b3b5bd080b9032b627dcae66aaf371

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 17:44:39 GMT
via
1.1 33e34fa0e388cd08b1ada7f8b2f1654c.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 14:33:42 GMT
server
nginx
x-amz-cf-pop
SIN52-P1
etag
W/"2d1-1862c4bf970"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
721
x-amz-cf-id
Tfj9WkAsaHIgcLC8eObsoXlmT1urMxGGwa8ZGVLZ20kuZmbvgbHBjw==
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.cab10e29600e59797ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
api.js
www.google.com/recaptcha/ 		912 B
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.vendors~client.973c601eb9ebc037d037.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e57e5b16a7fb363d73d0c06323af59ec22cc042ddfd05c533304ec715abb31a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 17:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
584
x-xss-protection
1; mode=block
expires
Thu, 23 Feb 2023 17:44:39 GMT
settings
order.capitavoucher.com.sg/proxy/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://order.capitavoucher.com.sg/proxy/settings
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.cab10e29600e59797ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-60.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
1d38c531f921573b8763bd89e71e45dffd82efc063038b852a5c9513955e8868
Security Headers
Name Value
Content-Security-Policy default-src 'self';connect-src 'self' wss://*.zopim.com *.zopim.com *.zdassets.com *.cloudfront.net *.qubit.com *.woohoo.in *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' *.zopim.io *.zopim.com cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zopim.com *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.zopim.com *.cloudfront.net *.googleapis.com;font-src 'self' data: *.zopim.com *.cloudfront.net *.gstatic.com fonts.googleapis.com;media-src 'self' *.zopim.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://order.capitavoucher.com.sg/login
x-user-email
false
accept-language
zh-SG,zh;q=0.9
x-api
settings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 17:42:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
content-security-policy
default-src 'self';connect-src 'self' wss://*.zopim.com *.zopim.com *.zdassets.com *.cloudfront.net *.qubit.com *.woohoo.in *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' *.zopim.io *.zopim.com cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zopim.com *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.zopim.com *.cloudfront.net *.googleapis.com;font-src 'self' data: *.zopim.com *.cloudfront.net *.gstatic.com fonts.googleapis.com;media-src 'self' *.zopim.com;
via
1.1 33e34fa0e388cd08b1ada7f8b2f1654c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
132
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
etag
W/"77eb-qkcnECzPOKKQdahb/1IWnaaeAEQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0
x-amz-cf-id
qHjZiSTX6q9wsdSfI7Y9fGWLcPMOBzcwOTJb_CUTR1F5QOJm6tUWhw==
expires
-1
default.3.070fd1a39ccaa52bfdb0.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.3.070fd1a39ccaa52bfdb0.js
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.cab10e29600e59797ef9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-163.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
288c54ce689e598bf9e764782ce03d43eba8095a1230ead9f17958c672a08edd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 22:39:02 GMT
Content-Encoding
gzip
Via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Jan 2023 16:58:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
1969538
ETag
W/"d2e34a73f4ee59b20860c31dc24513be"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Cache
Hit from cloudfront
Cache-Control
max-age=2628000
Connection
keep-alive
X-Amz-Cf-Id
N26FAhWzT9a6U8sHRn1hIuhdjm42_wucoFVhOMyaboKISWKUpQ4SSQ==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f5388221b80e0c0748c7af826856d54854c2d027867968bf33031c0a34383a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ 		413 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9661637d04f1359d79d7b60aad331e5f5d5a353d03dc4f86c61ee2e7cc07ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://order.capitavoucher.com.sg/
Origin
https://order.capitavoucher.com.sg
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 15:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167730
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 05:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 15:10:13 GMT
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.cab10e29600e59797ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
image001.png
stage.woohoo.in/media/Logo/websites/434/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.woohoo.in/media/Logo/websites/434/image001.png
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-86.sin2.r.cloudfront.net
Software
Apache /
Resource Hash
ae1d1c9adecaacba9b0f9389cde894a91400ec158a511d0d4e31fec2669c2360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 17:44:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 07:22:02 GMT
server
Apache
x-amz-cf-pop
SIN2-P2
etag
"21ab-5cff16209f910"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8619
x-amz-cf-id
JpxVSDDqMsF9-0Hj67AhI77ZtEyQbdrJVNCv-HHWHpL1jIacqLbMoQ==
21June_eCV_CorporatePortalBanner1440x930_2.jpg
stage.woohoo.in/media/login/bg/websites/434/ 		841 KB
842 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.woohoo.in/media/login/bg/websites/434/21June_eCV_CorporatePortalBanner1440x930_2.jpg
Requested by
Host: order.capitavoucher.com.sg
URL: https://order.capitavoucher.com.sg/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-86.sin2.r.cloudfront.net
Software
Apache /
Resource Hash
88b3360eda0c46b7413a6881dbf3e5a2d7a49d2f425dd4a9b48ec5a796c60dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Feb 2023 17:44:39 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Dec 2021 13:51:46 GMT
server
Apache
x-amz-cf-pop
SIN2-P2
etag
"d230f-5d3d08a0ce728"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
860943
x-amz-cf-id
KJ35cXqdNzSVVu7dPnl68ldD6OnU9dp8kSMniYQHRJ4N9TDZNj5-RA==
anchor
www.google.com/recaptcha/api2/ Frame EC15 		49 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.vendors~client.973c601eb9ebc037d037.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac2fecfb6662e315a38038353de3898611f8b607c9d085795590efa63fa3ae0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RMEJv6pGJf2DQbT4U91hjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.capitavoucher.com.sg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
27448
content-security-policy
script-src 'report-sample' 'nonce-RMEJv6pGJf2DQbT4U91hjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 17:44:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame EC15 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 06:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 05:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 06:32:53 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame EC15 		413 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9661637d04f1359d79d7b60aad331e5f5d5a353d03dc4f86c61ee2e7cc07ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 15:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167730
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 05:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 15:10:13 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EC15 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 16:23:49 GMT
x-content-type-options
nosniff
age
350450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sun, 26 Feb 2023 16:23:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC15 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 03:33:21 GMT
x-content-type-options
nosniff
age
137478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 03:33:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC15 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 21:55:32 GMT
x-content-type-options
nosniff
age
244147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 21:55:32 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EC15 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42d58b44f790479dc00abb4b19b48aeb788c863228e9334898c7b3e926fd4e97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG&co=aHR0cHM6Ly9vcmRlci5jYXBpdGF2b3VjaGVyLmNvbS5zZzo0NDM.&hl=zh-CN&type=image&v=O4xzMiFqEvA4YhWjk5t8Xuas&theme=light&size=invisible&badge=bottomright&cb=pa8lhy4n07ct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 17:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
1; mode=block
expires
Thu, 23 Feb 2023 17:44:39 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6C9F 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1eeb4752fc6d5c9cbd9462cd8ff18f6c65a154eb175f3d1c45be533846881b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OME7fspzlRNHHYThNn9zfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.capitavoucher.com.sg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1121
content-security-policy
script-src 'report-sample' 'nonce-OME7fspzlRNHHYThNn9zfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 17:44:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 6C9F 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 06:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 05:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 06:32:53 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 6C9F 		413 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9661637d04f1359d79d7b60aad331e5f5d5a353d03dc4f86c61ee2e7cc07ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 15:10:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167730
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 05:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 15:10:13 GMT
resizeimage.ashx
cdn.page-source.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.page-source.com/resizeimage.ashx?ig=order.capitavoucher.com.sg&sz=109402
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.211.230 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-54-38-211.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://order.capitavoucher.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Thu, 23 Feb 2023 17:44:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain
cache-control
private
content-length
0
reload
www.google.com/recaptcha/api2/ Frame 6C9F 		38 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ed29f7fb3f70a5d140cd21681c227b4159d98edf0cef43b3ab0ffcba8da31ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6Lf2WQsaAAAAAGMRkO097avHTGmPRrWdYZDri6HG
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 23 Feb 2023 17:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23625
x-xss-protection
1; mode=block
expires
Thu, 23 Feb 2023 17:44:39 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| __INITIAL_STATE object| __LOADABLE_LOADED_CHUNKS__ function| _ object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_834880

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJBLKW0fOOzYCTaKj50cHuddfL2QEiG95DSr7KyNp_JbhizxWCLw4r2po9c4Ko9NkThlLr2Ix9DeiKLN-xjOdi4
order.capitavoucher.com.sg/ Name: language
Value: en-US

2 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.googletagmanager.com/gtm.js?id=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';connect-src 'self' wss://*.zopim.com *.zopim.com *.zdassets.com *.cloudfront.net *.qubit.com *.woohoo.in *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' *.zopim.io *.zopim.com cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zopim.com *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.zopim.com *.cloudfront.net *.googleapis.com;font-src 'self' data: *.zopim.com *.cloudfront.net *.gstatic.com fonts.googleapis.com;media-src 'self' *.zopim.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.page-source.com
cdn.polyfill.io
d1o7uku192uawx.cloudfront.net
fonts.gstatic.com
order.capitavoucher.com.sg
stage.woohoo.in
www.google.com
www.googletagmanager.com
www.gstatic.com
13.33.88.86
13.35.18.163
18.155.68.60
2404:6800:4003:c03::5e
2404:6800:4003:c04::61
2404:6800:4003:c04::93
2a04:4e42:200::282
54.38.211.230
0ed29f7fb3f70a5d140cd21681c227b4159d98edf0cef43b3ab0ffcba8da31ff
12327413788e681934abd8d691a879d8d2a2e982493f94231822383985f4b4a5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d38c531f921573b8763bd89e71e45dffd82efc063038b852a5c9513955e8868
288c54ce689e598bf9e764782ce03d43eba8095a1230ead9f17958c672a08edd
3d738368f4022ffa3f34668a5bd032f524b3b5bd080b9032b627dcae66aaf371
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42d58b44f790479dc00abb4b19b48aeb788c863228e9334898c7b3e926fd4e97
47c606f9bd775d440a8e994763bb32907615d55495abb40444bb65c4e9fa7aa4
4fc006424cb7d8b3f9c4c27a0b906e526fe64d3b0d9aa9684616f342f3a7f170
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
82e4e1f731b6628fc2d005afb116263ebf45687a85e8645cf83f871ccc1ccf96
88b3360eda0c46b7413a6881dbf3e5a2d7a49d2f425dd4a9b48ec5a796c60dfe
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a1eeb4752fc6d5c9cbd9462cd8ff18f6c65a154eb175f3d1c45be533846881b0
ac2fecfb6662e315a38038353de3898611f8b607c9d085795590efa63fa3ae0c
ae1d1c9adecaacba9b0f9389cde894a91400ec158a511d0d4e31fec2669c2360
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9661637d04f1359d79d7b60aad331e5f5d5a353d03dc4f86c61ee2e7cc07ded
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57e5b16a7fb363d73d0c06323af59ec22cc042ddfd05c533304ec715abb31a0
e7f5388221b80e0c0748c7af826856d54854c2d027867968bf33031c0a34383a
fedc7deb11103f0e32c599456406abea829357a6f0250c84fbcb950beca419f5