dropbox.coop.uat.360incentives.io Open in urlscan Pro
2a06:98c1:58::23  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dropbox.coop.uat.360incentives.io/	8 KB 4 KB	859ms 646ms	Document text/html	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d50304d503df264bdc9ad157d24b14bb4296d320282219f5da13690ef88d21a1 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * cache-control public, no-store, max-age=0 cf-cache-status DYNAMIC cf-ray 7cb17af6bf2c1bcf-FRA content-encoding gzip content-security-policy default-src: https:; frame-ancestors 'self' content-type text/html; charset=utf-8 date Mon, 22 May 2023 02:03:02 GMT expires Mon, 22 May 2023 02:03:01 GMT last-modified Mon, 22 May 2023 02:03:01 GMT server cloudflare strict-transport-security max-age=63072000; includeSubDomains; preload vary * x-content-type-options nosniff x-frame-options SAMEORIGIN x-stackifyid V2|dad8146a-4bb5-4e78-838d-5be7a63a9027|C62677|CD503 x-xss-protection 1; mode=block
GET H2	200	bootstrap dropbox.coop.uat.360incentives.io/Content/themes/	118 KB 27 KB	614ms 612ms	Stylesheet text/css	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Content/themes/bootstrap?v=DIZCu09W36eW9H8OnRZIU5HjAn9jT-QLD3myrA40k2I1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 27471 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/css; charset=utf-8 access-control-allow-origin * x-stackifyid V2|0110d0dd-52d7-4abe-a7f4-e00932d8d3e7|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca3c1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	styles dropbox.coop.uat.360incentives.io/Content/themes/base/	24 KB 6 KB	612ms 610ms	Stylesheet text/css	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Content/themes/base/styles?v=44rUzHeHI2vyEuaG0iydIx6Za6IjmzRS4gIvBLGAzSc1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 5530 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/css; charset=utf-8 access-control-allow-origin * x-stackifyid V2|79ea215b-f497-40a2-ad5d-38dee746be4e|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca3d1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	MainStyles dropbox.coop.uat.360incentives.io/Content/themes/styles/	88 KB 24 KB	536ms 535ms	Stylesheet text/css	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Content/themes/styles/MainStyles?v=PCRQjxIHEOPojxDdllAOPnSP1_nxmJWUXrSof6YLoGs1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 133b369106da4eb0b6f5580f53afaf10aaab76bfbeab36d8f023d7818737dd9f Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 24819 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/css; charset=utf-8 access-control-allow-origin * x-stackifyid V2|bd7f8695-c757-4c77-a3b5-de1327d3737b|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca3e1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	css dropbox.coop.uat.360incentives.io/client/	12 KB 3 KB	148ms 147ms	Stylesheet text/css	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/client/css Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 083a54501da01da28a19d8e3f4601251c6d78412c4b0f3f631fda5e142701b1b Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 2807 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary * access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/css; charset=utf-8 access-control-allow-origin * x-stackifyid V2|61e9cfce-088b-44dc-ac83-73b7bb05c756|C62677|CD503 cache-control public, no-store, max-age=0 x-frame-options SAMEORIGIN cf-ray 7cb17afaca3f1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Mon, 22 May 2023 02:03:02 GMT
GET H2	200	jquery Show response dropbox.coop.uat.360incentives.io/bundles/	95 KB 43 KB	493ms 491ms	Script text/javascript	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/bundles/jquery?v=JL596WEzEYSLK79KRL4It4N63VXpRlW4A824KHlhVLc1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26812be21ec08e61af23010e77ab54f68f6a60962aa0a79f1a628d4125d7163f Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 43763 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * x-stackifyid V2|7cefe3a8-18a6-4e60-9a83-12a616d489de|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca401bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	kendo.all.min.js Show response dropbox.coop.uat.360incentives.io/Scripts/	2 MB 828 KB	758ms 756ms	Script application/x-javascript	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Scripts/kendo.all.min.js Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb1e073ba99ce537d63a5f2b6b58ebfe83eec40aa0e2e8202707023b404d57cf Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status MISS strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block last-modified Fri, 19 May 2023 20:12:00 GMT server cloudflare etag "0e8432b8e8ad91:0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript cache-control public, max-age=432000 cf-ray 7cb17afaca411bcf-FRA expires Sat, 27 May 2023 02:03:02 GMT
GET H2	200	Common Show response dropbox.coop.uat.360incentives.io/Scripts/	9 KB 4 KB	554ms 553ms	Script text/javascript	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Scripts/Common?v=VT0AgLnf_Z2TkvUZJlDMhNxwwl6fC_l4nPilTpwjcMk1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdee7ccdfd7b76f0c65ff0fb80bfb858f233059b4d3cf62ccfdb1489989a00a2 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 4425 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * x-stackifyid V2|a7fd8ce2-c1ea-4440-8f5e-2c11a983258c|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca421bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	angular Show response dropbox.coop.uat.360incentives.io/bundles/	237 KB 102 KB	537ms 536ms	Script text/javascript	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/bundles/angular?v=dr75Z9ISgaQnWs3TJKxPGPEZYxZGHBSGcdgrjWoh3no1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbb3964cd4f76f0923951234929d3173ba3edfb14a91e2df4f711dc921e7c596 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * x-stackifyid V2|4db4106b-ed50-4c8f-bfc6-8370a4e77687|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca431bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	Login Show response dropbox.coop.uat.360incentives.io/bundles/	190 KB 77 KB	571ms 570ms	Script text/javascript	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/bundles/Login?v=bDQgDhJFhdv1JpW6Bi-q91pdMsNUjl_JJu7f97TGJMU1 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9ade1bbd3baca06b10e65b53e2243a9d4007fd47fa01410b7351d894a6cdc48 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:02 GMT server cloudflare vary User-Agent,Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * x-stackifyid V2|984fed9b-1a9d-44aa-a1a9-4d9fa91ada66|C62677|CD503 cache-control public x-frame-options SAMEORIGIN cf-ray 7cb17afaca441bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Tue, 21 May 2024 02:03:02 GMT
GET H2	200	Logo dropbox.coop.uat.360incentives.io/client/	20 KB 20 KB	203ms 203ms	Image image/png	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dropbox.coop.uat.360incentives.io/client/Logo?isClient=True Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6744a19ed88aa2769bdb9fbe41e83de3a6709b3c55a5852d143d44f119bcfb89 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:03 GMT content-security-policy default-src: https:; frame-ancestors 'self' x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload cf-cache-status DYNAMIC content-length 20193 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:03 GMT server cloudflare vary * access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type image/png access-control-allow-origin * x-stackifyid V2|df362a37-fdda-4650-a667-7d044b068254|C62677|CD503 cache-control public, no-store, max-age=0 x-frame-options SAMEORIGIN cf-ray 7cb17affddaf1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Mon, 22 May 2023 02:03:03 GMT
GET H/1.1	200 OK	AtlasGrotesk-Regular.ttf m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/31367f55-cf4c-44f0-af95-87117a2e645e/Fonts/	40 KB 40 KB	570ms 126ms	Font application/octet-stream	20.60.240.39 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/31367f55-cf4c-44f0-af95-87117a2e645e/Fonts/AtlasGrotesk-Regular.ttf Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/client/css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.240.39 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 74f709266351d48c9bdb0574ac43d95eb7f043a979e64aec1d39af1bd199c973 Request headers Referer https://dropbox.coop.uat.360incentives.io/ Origin https://dropbox.coop.uat.360incentives.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Mon, 22 May 2023 02:03:03 GMT Last-Modified Fri, 20 Aug 2021 17:23:16 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 Vyca6jY9hgSZPspeyi0nyQ== ETag "0x8D963FF32655F75" Content-Type application/octet-stream Access-Control-Allow-Origin * x-ms-request-id 71a85042-501e-0043-3351-8cd674000000 Access-Control-Expose-Headers Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 40656
GET H/1.1	200 OK	kendo.culture.en-US.js Show response m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/31367f55-cf4c-44f0-af95-87117a2e645e/a1adca36-00e0-47d3-8d24-385415dcaeb0/Scripts/KendoResource/	3 KB 3 KB	558ms 123ms	Script application/javascript	20.60.240.39 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net/clients/31367f55-cf4c-44f0-af95-87117a2e645e/a1adca36-00e0-47d3-8d24-385415dcaeb0/Scripts/KendoResource/kendo.culture.en-US.js Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/bundles/Login?v=bDQgDhJFhdv1JpW6Bi-q91pdMsNUjl_JJu7f97TGJMU1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.240.39 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4 Request headers accept-language de-DE,de;q=0.9 Referer https://dropbox.coop.uat.360incentives.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Mon, 22 May 2023 02:03:04 GMT Last-Modified Fri, 20 Aug 2021 17:23:26 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 nyxKgKBA3V59xE+/VJq2Fw== ETag "0x8D963FF38BE7272" Content-Type application/javascript Access-Control-Allow-Origin * x-ms-request-id 5cab6e85-e01e-000b-6751-8ccb43000000 Access-Control-Expose-Headers Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 2666
GET H2	200	GetLanguageRerouces Show response dropbox.coop.uat.360incentives.io/api/Resource/	215 KB 78 KB	246ms 245ms	XHR application/json	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=48&_=1684720983962 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/bundles/Login?v=bDQgDhJFhdv1JpW6Bi-q91pdMsNUjl_JJu7f97TGJMU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3f9c3b573fe9bc6cc7bedf73514680f512f85127dadafc8d3f6d3664c44eeb6 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://dropbox.coop.uat.360incentives.io/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block pragma no-cache server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-stackifyid V2|d15d3fe3-6723-4b5b-8b0b-4995d17cc228|C62677|CD503 cache-control no-cache x-frame-options SAMEORIGIN cf-ray 7cb17b05f9841bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires -1
GET H2	200	GetLanguageRerouces Show response dropbox.coop.uat.360incentives.io/api/Resource/	215 KB 78 KB	355ms 354ms	XHR application/json	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=48&_=1684720983963 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/bundles/Login?v=bDQgDhJFhdv1JpW6Bi-q91pdMsNUjl_JJu7f97TGJMU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3f9c3b573fe9bc6cc7bedf73514680f512f85127dadafc8d3f6d3664c44eeb6 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://dropbox.coop.uat.360incentives.io/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block pragma no-cache server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-stackifyid V2|1e869884-5099-4b12-b2ca-703646053ca7|C62677|CD503 cache-control no-cache x-frame-options SAMEORIGIN cf-ray 7cb17b08fbd61bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires -1
GET H2	200	GetEnableSelfRegistration Show response dropbox.coop.uat.360incentives.io/Admin/	5 B 371 B	375ms 375ms	XHR application/json	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Admin/GetEnableSelfRegistration?groupID=9 Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/bundles/angular?v=dr75Z9ISgaQnWs3TJKxPGPEZYxZGHBSGcdgrjWoh3no1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://dropbox.coop.uat.360incentives.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 123 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:05 GMT server cloudflare vary * access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-stackifyid V2|040d5d4f-e034-4e4d-a260-9533c4fb8f9d|C62677|CD503 cache-control public, no-store, max-age=0 x-frame-options SAMEORIGIN cf-ray 7cb17b0cbe591bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Mon, 22 May 2023 02:03:05 GMT
GET H2	200	GetPrivacyPolicybyType Show response dropbox.coop.uat.360incentives.io/Admin/	552 B 534 B	431ms 431ms	XHR application/json	2a06:98c1:58::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dropbox.coop.uat.360incentives.io/Admin/GetPrivacyPolicybyType?privacyPolicyType=ALL&brandId=0&langCode= Requested by Host: dropbox.coop.uat.360incentives.io URL: https://dropbox.coop.uat.360incentives.io/bundles/angular?v=dr75Z9ISgaQnWs3TJKxPGPEZYxZGHBSGcdgrjWoh3no1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b24b297dd9b4cda0013267bde185e465da0ed4cdaa7c5a5992a8807473d73fa Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://dropbox.coop.uat.360incentives.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 22 May 2023 02:03:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy default-src: https:; frame-ancestors 'self' cf-cache-status DYNAMIC strict-transport-security max-age=63072000; includeSubDomains; preload content-length 354 x-xss-protection 1; mode=block last-modified Mon, 22 May 2023 02:03:05 GMT server cloudflare vary * access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-stackifyid V2|34e0ada0-364a-4860-a83d-44a9eb966928|C62677|CD503 cache-control public, no-store, max-age=0 x-frame-options SAMEORIGIN cf-ray 7cb17b0cce5b1bcf-FRA access-control-allow-headers Origin,X-Requested-With,Content-Type expires Mon, 22 May 2023 02:03:05 GMT

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| kendo function| GetAllResources function| dialogfunction function| dialogfunctionWithOutClose function| GetPermission function| MM_goToURL function| OpenWindow function| ToJavaScriptDate function| ValidateDate function| ValidateFullDate function| AddingDaysToTextFormatDate function| ValidateStartDate function| ValidateEndDate function| CloseBrowerCompatability function| getFormattedDate function| getNumberFromFormattedCurrencyString function| getMaxDate function| getMinDate function| hasInValidValue function| resolveInitialData function| loadResources function| generateUniqueId string| hostAddress object| Resources object| LangKeys object| hurl string| code string| requiredfield_class string| red_text string| accordianCls string| vendorUserTitle string| iqenseSuperUserTitle string| dealerUserTitle string| readOnlyUserTitle object| onlyNumbers object| DateRegEx object| EmailPattern object| WedAddressPattern object| onlyNumbersandLetters object| NumbersLettersandSpecialCharacters number| uploadFilesLimitforSingleTime string| FileNameofClaimSearch string| url object| BookmarkedRecordType object| ObjectType object| MediaDocumentTypes object| FundPeriodAssignment object| ControlMaximumActivityEndDateby object| ReserveBalanceAt object| ShowHideFundsDropDownScreen number| MaxBudgetPercentage number| ManimumBudgetPercentage object| FundApprovalStatus object| TransTypes object| FundTypes object| comparisonOperators object| PlanActivity object| PAStatus object| CampaignSelection object| CampaignRequired object| PermissionTypes object| FileDocType function| saveAs object| angular function| moment object| myApp string| contentAddress string| sessionTimeOut string| SessionExpireRemainderMinutes string| logoutUrl string| lnkPrivacyPolicy string| brandId string| clientGuid string| brandGuid string| IsExpired

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dropbox.coop.uat.360incentives.io/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: a33ntgioyqfkzdfny4akh0h5
			.dropbox.coop.uat.360incentives.io/	1969-12-31 23:59:59	Name: ARRAffinity Value: 91307984de86ffd763baddac01380610718d6d550e39c3a82529cd1a2f82d3ab
			.dropbox.coop.uat.360incentives.io/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 91307984de86ffd763baddac01380610718d6d550e39c3a82529cd1a2f82d3ab
			dropbox.coop.uat.360incentives.io/	1969-12-31 23:59:59	Name: .Stackify.Rum Value: 34e0ada0-364a-4860-a83d-44a9eb966928

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dropbox.coop.uat.360incentives.io/ Message: The Content-Security-Policy directive name 'default-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src: https:; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dropbox.coop.uat.360incentives.io
m7v2lz2nvyvjschgufjh6viz.z19.web.core.windows.net
20.60.240.39
2a06:98c1:58::23
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
083a54501da01da28a19d8e3f4601251c6d78412c4b0f3f631fda5e142701b1b
133b369106da4eb0b6f5580f53afaf10aaab76bfbeab36d8f023d7818737dd9f
26812be21ec08e61af23010e77ab54f68f6a60962aa0a79f1a628d4125d7163f
4b24b297dd9b4cda0013267bde185e465da0ed4cdaa7c5a5992a8807473d73fa
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4
668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30
6744a19ed88aa2769bdb9fbe41e83de3a6709b3c55a5852d143d44f119bcfb89
74f709266351d48c9bdb0574ac43d95eb7f043a979e64aec1d39af1bd199c973
a3f9c3b573fe9bc6cc7bedf73514680f512f85127dadafc8d3f6d3664c44eeb6
bb1e073ba99ce537d63a5f2b6b58ebfe83eec40aa0e2e8202707023b404d57cf
bdee7ccdfd7b76f0c65ff0fb80bfb858f233059b4d3cf62ccfdb1489989a00a2
d50304d503df264bdc9ad157d24b14bb4296d320282219f5da13690ef88d21a1
dbb3964cd4f76f0923951234929d3173ba3edfb14a91e2df4f711dc921e7c596
e9ade1bbd3baca06b10e65b53e2243a9d4007fd47fa01410b7351d894a6cdc48
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa