urlscan.io logo urlscan.io
SecurityTrails logo

login.confermapay.com Open in urlscan Pro
104.18.14.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://snapplusadmin.conferma.com/
Effective URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Submission: On December 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 104.18.14.169, located in and belongs to CLOUDFLARENET, US. The main domain is login.confermapay.com. The Cisco Umbrella rank of the primary domain is 547280.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 13th 2023. Valid for: 3 months.
This is the only time login.confermapay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.18.10.10 13335 (CLOUDFLAR...)
1 9 104.18.14.169 13335 (CLOUDFLAR...)
1 104.18.11.10 13335 (CLOUDFLAR...)
17 3
Apex Domain
Subdomains		 Transfer
9 confermapay.com
login.confermapay.com — Cisco Umbrella Rank: 547280
196 KB
9 conferma.com
snapplusadmin.conferma.com
ssl.conferma.com — Cisco Umbrella Rank: 248261
494 KB
17 2
Domain Requested by
9 login.confermapay.com 1 redirects snapplusadmin.conferma.com
login.confermapay.com
8 snapplusadmin.conferma.com snapplusadmin.conferma.com
1 ssl.conferma.com login.confermapay.com
17 3

This site contains no links.

Subject Issuer Validity Valid
conferma.com
GTS CA 1P5		 2023-11-13 -
2024-02-11		 3 months crt.sh
confermapay.com
Cloudflare Inc ECC CA-3		 2023-12-13 -
2024-03-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Frame ID: 16698FBC0B04D865711E9D26DF7DEE7E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Conferma Pay

Page URL History Show full URLs

  1. https://snapplusadmin.conferma.com/ Page URL
  2. https://login.confermapay.com/default.aspx?pkn=SNAPPLUSWEB HTTP 301
    https://login.confermapay.com/default?pkn=SNAPPLUSWEB Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

689 kB
Transfer

2973 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://snapplusadmin.conferma.com/ Page URL
  2. https://login.confermapay.com/default.aspx?pkn=SNAPPLUSWEB HTTP 301
    https://login.confermapay.com/default?pkn=SNAPPLUSWEB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
snapplusadmin.conferma.com/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8409b56339e38ff01499263b5711f8404d297605d6963b5f8f74d962304333
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
834fc203aead9e02-EWR
content-encoding
br
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html
date
Wed, 13 Dec 2023 16:59:29 GMT
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
vary
User-Agent
x-aspnet-version
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
runtime.56cbf457bb0160f5.js
snapplusadmin.conferma.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/runtime.56cbf457bb0160f5.js
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab466ede76cb8da827d0c5ce38d569c48f1e60fb15e3e6ab77514ea015675e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://snapplusadmin.conferma.com/
Origin
https://snapplusadmin.conferma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
server
cloudflare
etag
W/"0d97b49aa26da1:0"
x-download-options
noopen
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc204e82b9e02-EWR
polyfills.b7718951ce443430.js
snapplusadmin.conferma.com/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/polyfills.b7718951ce443430.js
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff9c2548df703f36382c28229e85dc70d091fbe02b03dfc3db92dd8ef48788d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://snapplusadmin.conferma.com/
Origin
https://snapplusadmin.conferma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
server
cloudflare
etag
W/"0d97b49aa26da1:0"
x-download-options
noopen
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc204e82c9e02-EWR
main.f2aec3314875b782.js
snapplusadmin.conferma.com/ 		1 MB
378 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/main.f2aec3314875b782.js
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2fe848817da604e46a778316b3173d0436fd594a1f8a945fdf9c554120b45b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://snapplusadmin.conferma.com/
Origin
https://snapplusadmin.conferma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
server
cloudflare
etag
W/"0d97b49aa26da1:0"
x-download-options
noopen
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc204e82d9e02-EWR
styles.8634469c8e566f5f.css
snapplusadmin.conferma.com/ 		290 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/styles.8634469c8e566f5f.css
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a777133c02fd031b983623d4f8333dda3a5d5d223348205e5e53b812bf9a385
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://snapplusadmin.conferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
server
cloudflare
etag
W/"0d97b49aa26da1:0"
x-download-options
noopen
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc204e82e9e02-EWR
styles.8634469c8e566f5f.css
snapplusadmin.conferma.com/ 		290 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/styles.8634469c8e566f5f.css
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a777133c02fd031b983623d4f8333dda3a5d5d223348205e5e53b812bf9a385
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://snapplusadmin.conferma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:18 GMT
server
cloudflare
etag
W/"0d97b49aa26da1:0"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc205c90e9e02-EWR
appsettings.json
snapplusadmin.conferma.com/assets/ 		392 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/assets/appsettings.json
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/polyfills.b7718951ce443430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca682aa9564f581dc3abe619240f5f32abab37bd1ff611bc2bbe7a6b934a9d42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://snapplusadmin.conferma.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
DYNAMIC
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 14:33:24 GMT
server
cloudflare
etag
W/"6eeab22982dda1:0"
x-download-options
noopen
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc2081be09e02-EWR
682.88e7367c1db396ee.js
snapplusadmin.conferma.com/ 		902 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snapplusadmin.conferma.com/682.88e7367c1db396ee.js
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/runtime.56cbf457bb0160f5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e96092889f85ef6c5cc56e361d75da8f6a847a14451c38aa72463721426d12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://snapplusadmin.conferma.com/
Origin
https://snapplusadmin.conferma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 04 Dec 2023 12:06:16 GMT
server
cloudflare
etag
W/"0ac4a48aa26da1:0"
x-download-options
noopen
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20affde9e02-EWR
Primary Request default
login.confermapay.com/
Redirect Chain
  • https://login.confermapay.com/default.aspx?pkn=SNAPPLUSWEB
  • https://login.confermapay.com/default?pkn=SNAPPLUSWEB
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Requested by
Host: snapplusadmin.conferma.com
URL: https://snapplusadmin.conferma.com/main.f2aec3314875b782.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d412031a08d90633b2deecec45a3f4d6cdfa241f664074b5d05fcc9a63b8d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://snapplusadmin.conferma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
834fc20efa8c0f6b-EWR
content-encoding
br
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 16:59:31 GMT
expect-ct
enforce, max-age=60
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
vary
User-Agent
x-aspnet-version
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
x-download-options
Enabled
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
834fc20e29730f6b-EWR
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 16:59:31 GMT
expect-ct
enforce, max-age=60
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
location
/default?pkn=SNAPPLUSWEB
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
vary
User-Agent
x-aspnet-version
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
x-download-options
Enabled
x-frame-options
DENY
x-xss-protection
1; mode=block
jquery.js
login.confermapay.com/Scripts/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Scripts/jquery.js
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
application/javascript
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba70f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
jquery-ui.js
login.confermapay.com/Scripts/ 		284 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Scripts/jquery-ui.js
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c023319510499233f91597fb379a68d5f08ef887d3240fb78e0ce8ba77c4ad2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
application/javascript
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba80f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
bootstrap.bundle.js
login.confermapay.com/Scripts/Bootstrap/ 		203 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Scripts/Bootstrap/bootstrap.bundle.js
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b334050ab6ed58faa895c34cb75107facfac8d57370494a3df2966d42bdf43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
application/javascript
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba90f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
site_1.js
login.confermapay.com/Scripts/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Scripts/site_1.js
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd03968fe3b29ec1bbd278bcaaec2af06b20ab6b3f09dec043a8222805e37ef9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
application/javascript
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20febab0f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
bootstrap.css
login.confermapay.com/Content/CSS/Bootstrap/ 		191 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Content/CSS/Bootstrap/bootstrap.css
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d7687506d61e95371d3f311a1904bac4f8721e07123bf0cdc6c3715b8747e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
text/css
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba20f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
Default.css
login.confermapay.com/Content/CSS/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Content/CSS/Default.css
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fb83fd4ff9e7c295eac6cee9d8d80cb1cbe72b5315d4e47201401d878bb8a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
text/css
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba40f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
all.css
login.confermapay.com/Content/CSS/FontAwesome/css/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.confermapay.com/Content/CSS/FontAwesome/css/all.css
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/default?pkn=SNAPPLUSWEB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
cf-cache-status
MISS
x-aspnet-version
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Nov 2023 14:21:40 GMT
server
cloudflare
etag
W/"0f2e5b73c16da1:0"
x-download-options
Enabled
vary
Accept-Encoding,User-Agent
x-frame-options
DENY
content-type
text/css
expect-ct
enforce, max-age=60
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; vibrate 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
834fc20feba50f6b-EWR
x-content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
snapplus-primary-logo.png
ssl.conferma.com/Logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.conferma.com/Logos/snapplus-primary-logo.png
Requested by
Host: login.confermapay.com
URL: https://login.confermapay.com/default?pkn=SNAPPLUSWEB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7c2d740a53dcd224deb409c3fa8e51170fbc457588feb6b10c247baee1233d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.confermapay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
x-aspnet-version
content-length
12336
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 11:42:10 GMT
server
cloudflare
etag
"361f84ecef21da1:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
834fc21248280f6d-EWR
expires
Wed, 13 Dec 2023 20:59:31 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery number| uidEvent object| bootstrap function| stringIncludes function| toggleUserSecret function| toggleQRCode function| showVerifyMFA function| changeMemWordFocus function| changeMemWordFocusFW function| setSessionLoginAttempts function| getSessionLoginAttempts function| reduceLoginAttempts function| resetLoginAttempts function| usernameCheck function| passwordCheck function| forgottenPassword function| securityAnswerCheck function| validateMemorableWord function| clearSecurityAnswer function| validateGoogleAuth function| ValidateChangePassword function| securityDetailsCheck function| clearPassword function| swipeTo function| clearMemorableWord function| langSelected function| errorLoggingCheck function| SetEnterButtonClickEvents object| theForm function| __doPostBack

3 Cookies

Domain/Path Name / Value
snapplusadmin.conferma.com/ Name: X-Mapping-ofhkjbef
Value: 971EBD6D4E18787BDE5CD8712D86F380
login.confermapay.com/ Name: X-Mapping-ifkmbple
Value: 756EAF258EC6449345CDAAD0DE9CE82E
login.confermapay.com/ Name: __Host-LoginSess
Value: u1daqdrnkqqfraomixexpqyp

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, camera, geolocation, gyroscope, magnetometer, microphone, payment, usb. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block