urlscan.io logo urlscan.io
SecurityTrails logo

client02-fundmgmt.coop.test.360incentives.io Open in urlscan Pro
2606:4700:7::a29f:8855  Public Scan

Go To Rescan Add Verdict Report
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:7::a29f:8855, located in United States and belongs to CLOUDFLARENET, US. The main domain is client02-fundmgmt.coop.test.360incentives.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2022. Valid for: a year.
This is the only time client02-fundmgmt.coop.test.360incentives.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 2606:4700:7::... 13335 (CLOUDFLAR...)
2 20.60.240.39 8075 (MICROSOFT...)
3 52.239.234.97 8075 (MICROSOFT...)
17 3
Domain Requested by
14 client02-fundmgmt.coop.test.360incentives.io 2 redirects client02-fundmgmt.coop.test.360incentives.io
3 g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net client02-fundmgmt.coop.test.360incentives.io
2 m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net client02-fundmgmt.coop.test.360incentives.io
17 3

This site contains no links.

Subject Issuer Validity Valid
client02-fundmgmt.coop.test.360incentives.io
Cloudflare Inc ECC CA-3		 2022-05-05 -
2023-05-05		 a year crt.sh
*.web.core.windows.net
Microsoft RSA TLS CA 02		 2022-03-24 -
2023-03-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://client02-fundmgmt.coop.test.360incentives.io/
Frame ID: B25A1E703E433832A828F15C03F06800
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Test Client, Inc.

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1987 kB
Transfer

3737 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://client02-fundmgmt.coop.test.360incentives.io/Admin/GetAdminConfigByGroup?groupID=9 HTTP 302
  • https://client02-fundmgmt.coop.test.360incentives.io/Security/SecurityException HTTP 302
  • https://client02-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client02-fundmgmt.coop.test.360incentives.io/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a89cb572e94222ba80e533cfb9a018f8f55dff0a7bfd6669f9ed11d1cb0431
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7065e558ed309bc4-FRA
content-encoding
gzip
content-security-policy
default-src: https:; frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 05 May 2022 02:02:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 05 May 2022 02:02:47 GMT
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap
client02-fundmgmt.coop.test.360incentives.io/Content/themes/ 		114 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Content/themes/bootstrap?v=uWvh6CpCsQc78ayYkfBf5lZiJiPS34dIAJYAkCcscoY1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f25d0abc6697a98c2193c4345b1efa2d251246a35766a973aa5873ac8b6d9e6
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
26951
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bc59bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
styles
client02-fundmgmt.coop.test.360incentives.io/Content/themes/base/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Content/themes/base/styles?v=44rUzHeHI2vyEuaG0iydIx6Za6IjmzRS4gIvBLGAzSc1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
5530
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bc79bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
MainStyles
client02-fundmgmt.coop.test.360incentives.io/Content/themes/styles/ 		87 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Content/themes/styles/MainStyles?v=ILdxDEGLQx_Y2EBcIW9HVfzi5NnldTRk-HAyZ0jcSJc1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d3b875122978ac09067a70975d0369727451a7cc5b09e0ff04e70b04ac51bd
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
24293
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bca9bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
css
client02-fundmgmt.coop.test.360incentives.io/client/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/client/css
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
153dcfba62dcbe6f0d5b38cdc0527636e3e98bd51bd0562d60e7568bec966239
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
content-length
2775
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bcb9bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:02:47 GMT
jquery
client02-fundmgmt.coop.test.360incentives.io/bundles/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/bundles/jquery?v=NNvRrt_4VTUxpB0IOMoCb0a7YmcdZ5YTm3OVRV8yIMU1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699ba9723872b13db5f8e454edc7320bef9eaff11f8a7f4113aa1eaf107ea394
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
43806
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bcd9bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
kendo.all.min.js
client02-fundmgmt.coop.test.360incentives.io/Scripts/ 		2 MB
828 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Scripts/kendo.all.min.js
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1e073ba99ce537d63a5f2b6b58ebfe83eec40aa0e2e8202707023b404d57cf
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 04 May 2022 15:04:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0cca83dc85fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript
cache-control
public, max-age=432000
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bce9bc4-FRA
expires
Tue, 10 May 2022 02:02:47 GMT
Common
client02-fundmgmt.coop.test.360incentives.io/Scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Scripts/Common?v=G-CObfK_lSI51H5PKLKnO8XWP04Ixh_TKo9qNqEE5_U1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51966eb394e85f695256e3eb18685349ed8989cb28a07e7ca779d029e4fc992
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
content-length
4088
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bcf9bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
angular
client02-fundmgmt.coop.test.360incentives.io/bundles/ 		227 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/bundles/angular?v=5NWxI2htniY1i_Bjf5amZMuB-SaHno5LhNzKZD4Ii141
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c50ebab4be0011b7d3e50c989b4733f95d95eb5aa19785148207605d49e964
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bd09bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
Login
client02-fundmgmt.coop.test.360incentives.io/bundles/ 		184 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fbc21b24bf6a96e46353bdf6a9ad5502bc489fb47ceb61c732bae3335ff0f2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
User-Agent,Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e55d7bd29bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Fri, 05 May 2023 02:02:47 GMT
Logo
client02-fundmgmt.coop.test.360incentives.io/client/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/client/Logo?isClient=True
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d3819e950b72615374900e27b40e274c82e8e63bab9b8dd2cc86b7e2ac6146
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
content-length
53065
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e5624a9c9bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:02:48 GMT
ArtifaktElementOfc-Regular.ttf
m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/c6199da1-a7a6-41e8-9540-07d399b5f193/f3fef788-b6d9-4f31-92c9-70c5580618e1/Fonts/ 		129 KB
129 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/c6199da1-a7a6-41e8-9540-07d399b5f193/f3fef788-b6d9-4f31-92c9-70c5580618e1/Fonts/ArtifaktElementOfc-Regular.ttf
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/client/css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.240.39 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ce37e3842832e9de1427f61e1281de8693ed2e63fb4d32697aceaf9e507ebc3

Request headers

Referer
https://client02-fundmgmt.coop.test.360incentives.io/
Origin
https://client02-fundmgmt.coop.test.360incentives.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:02:48 GMT
Last-Modified
Fri, 13 Sep 2019 20:15:52 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9+sU1DqYubq0ZnFstQPZPw==
ETag
"0x8D738872CE41B3C"
Content-Type
application/font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
afbe43a1-f01e-0028-4d24-605180000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
131892
Lang.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/Resource/ 		275 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/Resource/Lang.en-US.js?v=ceaac59d-94be-4bc0-a682-b5bfe950709f
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2e086f6bc1b49eab1b41f6cf83154773de966143ea5093afea286c86113ee04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:02:49 GMT
Last-Modified
Fri, 29 Apr 2022 14:54:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
GlSd2gezxtD39n0ODUw7Tw==
ETag
"0x8DA29F0291A5D33"
Content-Type
text / plain; charset = utf - 8
Access-Control-Allow-Origin
*
x-ms-request-id
70468082-301e-0045-3824-601979000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
281938
kendo.culture.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/KendoResource/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/KendoResource/kendo.culture.en-US.js
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/bundles/Login?v=0ad9V3N8Rl8GRAqhKSfTjhuZdNPPc-3M-7OnPtX-i4M1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:02:49 GMT
Last-Modified
Mon, 17 Jun 2019 21:27:20 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nyxKgKBA3V59xE+/VJq2Fw==
ETag
"0x8D6F36A94B67B64"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
48ea709c-a01e-002d-6c24-604728000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
2666
ArtifaktLegendOfc-Bold.ttf
m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/c6199da1-a7a6-41e8-9540-07d399b5f193/f3fef788-b6d9-4f31-92c9-70c5580618e1/Fonts/ 		137 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/c6199da1-a7a6-41e8-9540-07d399b5f193/f3fef788-b6d9-4f31-92c9-70c5580618e1/Fonts/ArtifaktLegendOfc-Bold.ttf
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/client/css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.240.39 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b40b32f57fcdad08b78af7081708b814cfbf3cd088bbfe8d32237b9aa2c801c5

Request headers

Referer
https://client02-fundmgmt.coop.test.360incentives.io/
Origin
https://client02-fundmgmt.coop.test.360incentives.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:02:49 GMT
Last-Modified
Fri, 13 Sep 2019 20:16:08 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SwjqpzodHcKQNmM54zY4dw==
ETag
"0x8D7388736E25F48"
Content-Type
application/font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
a93d8eef-e01e-0056-2924-60c1c7000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
140264
Lang.en-US.js
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/Resource/ 		275 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/22222222-2222-2222-2222-222222222222/22222222-2222-2222-2222-222222222222/Scripts/Resource/Lang.en-US.js
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/bundles/angular?v=5NWxI2htniY1i_Bjf5amZMuB-SaHno5LhNzKZD4Ii141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.234.97 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2e086f6bc1b49eab1b41f6cf83154773de966143ea5093afea286c86113ee04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 02:02:49 GMT
Last-Modified
Fri, 29 Apr 2022 14:54:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
GlSd2gezxtD39n0ODUw7Tw==
ETag
"0x8DA29F0291A5D33"
Content-Type
text / plain; charset = utf - 8
Access-Control-Allow-Origin
*
x-ms-request-id
608365de-201e-0037-0524-606847000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
281938
SessionExpire
client02-fundmgmt.coop.test.360incentives.io/Security/
Redirect Chain
  • https://client02-fundmgmt.coop.test.360incentives.io/Admin/GetAdminConfigByGroup?groupID=9
  • https://client02-fundmgmt.coop.test.360incentives.io/Security/SecurityException
  • https://client02-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US
7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client02-fundmgmt.coop.test.360incentives.io/Security/SessionExpire?lang=en-US
Requested by
Host: client02-fundmgmt.coop.test.360incentives.io
URL: https://client02-fundmgmt.coop.test.360incentives.io/
Protocol
H2
Server
2606:4700:7::a29f:8855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c026fbb2082cc232349be0518bd6cef26068979cbd53654ee850ccb301e27f3c
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client02-fundmgmt.coop.test.360incentives.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 02:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
x-xss-protection
1; mode=block
last-modified
Thu, 05 May 2022 02:02:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e5695d209bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:02:49 GMT

Redirect headers

date
Thu, 05 May 2022 02:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
*
x-xss-protection
1; mode=block
location
/Security/SessionExpire?lang=en-US
last-modified
Thu, 05 May 2022 02:02:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-store, max-age=0
content-security-policy
default-src: https:; frame-ancestors 'self'
cf-ray
7065e5684bb29bc4-FRA
access-control-allow-headers
Origin,X-Requested-With,Content-Type
expires
Thu, 05 May 2022 02:02:49 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| kendo function| dialogfunction function| dialogfunctionWithOutClose function| GetPermission function| MM_goToURL function| OpenWindow function| ToJavaScriptDate function| ValidateDate function| ValidateFullDate function| AddingDaysToTextFormatDate function| ValidateStartDate function| ValidateEndDate function| CloseBrowerCompatability function| getFormattedDate function| getNumberFromFormattedCurrencyString function| getMaxDate function| getMinDate function| hasInValidValue function| resolveInitialData function| loadResources string| hostAddress object| Resources object| LangKeys object| hurl string| code string| requiredfield_class string| red_text string| accordianCls string| vendorUserTitle string| iqenseSuperUserTitle string| dealerUserTitle string| readOnlyUserTitle object| onlyNumbers object| DateRegEx object| EmailPattern object| WedAddressPattern object| onlyNumbersandLetters object| NumbersLettersandSpecialCharacters number| uploadFilesLimitforSingleTime string| FileNameofClaimSearch string| url object| BookmarkedRecordType object| ObjectType object| MediaDocumentTypes object| FundPeriodAssignment object| ControlMaximumActivityEndDateby object| ReserveBalanceAt object| ShowHideFundsDropDownScreen number| MaxBudgetPercentage number| ManimumBudgetPercentage object| FundApprovalStatus object| TransTypes object| FundTypes object| comparisonOperators object| PlanActivity object| PAStatus object| CampaignSelection object| CampaignRequired object| PermissionTypes object| FileDocType function| saveAs object| angular function| moment object| myApp string| contentAddress string| sessionTimeOut string| SessionExpireRemainderMinutes string| logoutUrl string| lnkPrivacyPolicy string| brandId string| clientGuid string| brandGuid string| IsExpired

1 Cookies

Domain/Path Name / Value
client02-fundmgmt.coop.test.360incentives.io/ Name: ASP.NET_SessionId
Value: oy5wnnso4z020ashqax2rndg

1 Console Messages

Source Level URL
Text
security error URL: https://client02-fundmgmt.coop.test.360incentives.io/
Message:
The Content-Security-Policy directive name 'default-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block