urlscan.io logo urlscan.io
SecurityTrails logo

client03-fundmgmt.coop.test.360incentives.io Open in urlscan Pro
2606:4700:7::a29f:8855  Public Scan

Go To Rescan Add Verdict Report
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:7::a29f:8855, located in United States and belongs to CLOUDFLARENET, US. The main domain is client03-fundmgmt.coop.test.360incentives.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2022. Valid for: a year.
This is the only time client03-fundmgmt.coop.test.360incentives.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 2606:4700:7::... 13335 (CLOUDFLAR...)
3 52.239.234.97 8075 (MICROSOFT...)
15 2
Domain Requested by
14 client03-fundmgmt.coop.test.360incentives.io 2 redirects client03-fundmgmt.coop.test.360incentives.io
3 g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net client03-fundmgmt.coop.test.360incentives.io
15 2

This site contains no links.

Subject Issuer Validity Valid
client03-fundmgmt.coop.test.360incentives.io
Cloudflare Inc ECC CA-3		 2022-05-05 -
2023-05-05		 a year crt.sh
*.web.core.windows.net
Microsoft RSA TLS CA 01		 2022-02-11 -
2023-02-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://client03-fundmgmt.coop.test.360incentives.io/
Frame ID: 2131F41A464E6379CC0D1C54014DADAB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TestTcma

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1753 kB
Transfer

3503 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://client03-fundmgmt.coop.test.360incentives.io/Admin/GetAdminConfigByGroup?groupID=9 HTTP 302
  • https://client03-fundmgmt.coop.test.360incentives.io/Security/SecurityException HTTP 302
  • https://client03-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client03-fundmgmt.coop.test.360incentives.io/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73595ff7d6edacec03b1dba94298e9fe28b50a12804f35f486bf114a7d46b74e
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7065f42c1db49b70-FRA
content-encoding
gzip
content-security-policy
default-src: https:; frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 05 May 2022 02:12:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 05 May 2022 02:12:54 GMT
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap
client03-fundmgmt.coop.test.360incentives.io/Content/themes/ 		114 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/bootstrap?v=uWvh6CpCsQc78ayYkfBf5lZiJiPS34dIAJYAkCcscoY1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f25d0abc6697a98c2193c4345b1efa2d251246a35766a973aa5873ac8b6d9e6
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
26951
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde29b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
styles
client03-fundmgmt.coop.test.360incentives.io/Content/themes/base/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/base/styles?v=44rUzHeHI2vyEuaG0iydIx6Za6IjmzRS4gIvBLGAzSc1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
5530
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde39b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
MainStyles
client03-fundmgmt.coop.test.360incentives.io/Content/themes/styles/ 		87 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/styles/MainStyles?v=ILdxDEGLQx_Y2EBcIW9HVfzi5NnldTRk-HAyZ0jcSJc1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d3b875122978ac09067a70975d0369727451a7cc5b09e0ff04e70b04ac51bd
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
24293
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde59b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
css
client03-fundmgmt.coop.test.360incentives.io/client/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/client/css
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a172348794f143519b092f2a4b83b577cdd83ad6ef55a45b31863d4a8f2119
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
content-length
2469
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde69b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:12:54 GMT
jquery
client03-fundmgmt.coop.test.360incentives.io/bundles/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/bundles/jquery?v=NNvRrt_4VTUxpB0IOMoCb0a7YmcdZ5YTm3OVRV8yIMU1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699ba9723872b13db5f8e454edc7320bef9eaff11f8a7f4113aa1eaf107ea394
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
43806
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde89b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
kendo.all.min.js
client03-fundmgmt.coop.test.360incentives.io/Scripts/ 		2 MB
828 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Scripts/kendo.all.min.js
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1e073ba99ce537d63a5f2b6b58ebfe83eec40aa0e2e8202707023b404d57cf
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 04 May 2022 15:04:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0cca83dc85fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript
cache-control
public, max-age=432000
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cde99b70-FRA
expires
Tue, 10 May 2022 02:12:55 GMT
Common
client03-fundmgmt.coop.test.360incentives.io/Scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Scripts/Common?v=G-CObfK_lSI51H5PKLKnO8XWP04Ixh_TKo9qNqEE5_U1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51966eb394e85f695256e3eb18685349ed8989cb28a07e7ca779d029e4fc992
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
4088
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cdeb9b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
angular
client03-fundmgmt.coop.test.360incentives.io/bundles/ 		227 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/bundles/angular?v=5NWxI2htniY1i_Bjf5amZMuB-SaHno5LhNzKZD4Ii141
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c50ebab4be0011b7d3e50c989b4733f95d95eb5aa19785148207605d49e964
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cded9b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
Login
client03-fundmgmt.coop.test.360incentives.io/bundles/ 		184 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fbc21b24bf6a96e46353bdf6a9ad5502bc489fb47ceb61c732bae3335ff0f2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f430cdee9b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:12:54 GMT
Logo
client03-fundmgmt.coop.test.360incentives.io/client/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/client/Logo?isClient=True
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57bb2454b82cbe59408893d406e24635264945a049d3253ac1cc59e7428712b2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
content-length
85421
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f435bcd19b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:12:55 GMT
Lang.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/Resource/ 		276 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/Resource/Lang.en-US.js?v=00eeac9d-67ed-4f49-b954-0c06e5a3a161
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5505f9b8ca75793843006bf6d5d4ecfb360920e38c9a624c36850574b545bbda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:12:55 GMT
Last-Modified
Fri, 29 Apr 2022 14:59:31 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uN4M4AJOV12gaaeOua3cIA==
ETag
"0x8DA29F0DDCA7AA1"
Content-Type
text / plain; charset = utf - 8
Access-Control-Allow-Origin
*
x-ms-request-id
37891927-701e-008e-5a25-608b49000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
282297
kendo.culture.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/KendoResource/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/KendoResource/kendo.culture.en-US.js
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:12:55 GMT
Last-Modified
Wed, 15 Sep 2021 15:12:36 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nyxKgKBA3V59xE+/VJq2Fw==
ETag
"0x8D9785B4056A997"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
f0782851-501e-0033-4225-609dc5000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
2666
Lang.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/Resource/ 		276 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/d9ae99d3-9c86-4e81-8129-a1fb5b08e842/eeb2323e-99a5-487b-bfcc-a5cc9daaf269/Scripts/Resource/Lang.en-US.js
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/angular?v=5NWxI2htniY1i_Bjf5amZMuB-SaHno5LhNzKZD4Ii141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5505f9b8ca75793843006bf6d5d4ecfb360920e38c9a624c36850574b545bbda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:12:56 GMT
Last-Modified
Fri, 29 Apr 2022 14:59:31 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uN4M4AJOV12gaaeOua3cIA==
ETag
"0x8DA29F0DDCA7AA1"
Content-Type
text / plain; charset = utf - 8
Access-Control-Allow-Origin
*
x-ms-request-id
24afd248-701e-002f-7525-6045d2000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
282297
SessionExpire
client03-fundmgmt.coop.test.360incentives.io/Security/
Redirect Chain
  • https://client03-fundmgmt.coop.test.360incentives.io/Admin/GetAdminConfigByGroup?groupID=9
  • https://client03-fundmgmt.coop.test.360incentives.io/Security/SecurityException
  • https://client03-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US
7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client03-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US
Requested by
Host: client03-fundmgmt.coop.test.360incentives.io
URL: https://client03-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e605aadf6aa2b2183b7ac497a1c6291777667aeae44007481c7ab8fcb185afaa
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client03-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:12:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f43cef189b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:12:56 GMT

Redirect headers

date
Thu, 05 May 2022 02:12:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
x-xss-protection
1; mode=block
location
/Security/SessionExpire?lang=en-US
last-modified
Thu, 05 May 2022 02:12:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065f43bedb89b70-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:12:56 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| kendo function| dialogfunction function| dialogfunctionWithOutClose function| GetPermission function| MM_goToURL function| OpenWindow function| ToJavaScriptDate function| ValidateDate function| ValidateFullDate function| AddingDaysToTextFormatDate function| ValidateStartDate function| ValidateEndDate function| CloseBrowerCompatability function| getFormattedDate function| getNumberFromFormattedCurrencyString function| getMaxDate function| getMinDate function| hasInValidValue function| resolveInitialData function| loadResources string| hostAddress object| Resources object| LangKeys object| hurl string| code string| requiredfield_class string| red_text string| accordianCls string| vendorUserTitle string| iqenseSuperUserTitle string| dealerUserTitle string| readOnlyUserTitle object| onlyNumbers object| DateRegEx object| EmailPattern object| WedAddressPattern object| onlyNumbersandLetters object| NumbersLettersandSpecialCharacters number| uploadFilesLimitforSingleTime string| FileNameofClaimSearch string| url object| BookmarkedRecordType object| ObjectType object| MediaDocumentTypes object| FundPeriodAssignment object| ControlMaximumActivityEndDateby object| ReserveBalanceAt object| ShowHideFundsDropDownScreen number| MaxBudgetPercentage number| ManimumBudgetPercentage object| FundApprovalStatus object| TransTypes object| FundTypes object| comparisonOperators object| PlanActivity object| PAStatus object| CampaignSelection object| CampaignRequired object| PermissionTypes object| FileDocType function| saveAs object| angular function| moment object| myApp string| contentAddress string| sessionTimeOut string| SessionExpireRemainderMinutes string| logoutUrl string| lnkPrivacyPolicy string| brandId string| clientGuid string| brandGuid string| IsExpired

1 Cookies

Domain/Path Name / Value
client03-fundmgmt.coop.test.360incentives.io/ Name: ASP.NET_SessionId
Value: zellkeqi1xkiv43kmte0qs0b

1 Console Messages

Source Level URL
Text
security error URL: https://client03-fundmgmt.coop.test.360incentives.io/
Message:
The Content-Security-Policy directive name 'default-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block