urlscan.io logo urlscan.io
SecurityTrails logo

client01-fundmgmt.coop.prod.360incentives.io Open in urlscan Pro
172.66.0.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 172.66.0.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is client01-fundmgmt.coop.prod.360incentives.io.
TLS certificate: Issued by E6 on August 29th 2024. Valid for: 3 months.
This is the only time client01-fundmgmt.coop.prod.360incentives.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 172.66.0.35 13335 (CLOUDFLAR...)
1 52.239.235.1 8075 (MICROSOFT...)
2 20.60.245.198 8075 (MICROSOFT...)
25 3
Domain Requested by
22 client01-fundmgmt.coop.prod.360incentives.io client01-fundmgmt.coop.prod.360incentives.io
2 g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net client01-fundmgmt.coop.prod.360incentives.io
1 qg9mnddibzrvtp4vax9cnaae.z19.web.core.windows.net client01-fundmgmt.coop.prod.360incentives.io
25 3

This site contains no links.

Subject Issuer Validity Valid
client01-fundmgmt.coop.prod.360incentives.io
E6		 2024-08-29 -
2024-11-27		 3 months crt.sh
*.web.core.windows.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-27 -
2025-03-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://client01-fundmgmt.coop.prod.360incentives.io/
Frame ID: BAEA19513F482C2DF14417ADA08B73B7
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ABC, Inc.

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

2119 kB
Transfer

7033 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client01-fundmgmt.coop.prod.360incentives.io/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0a4277a80bdf56016abefb83d1d20a8bdaae567a47c51de0b352bd8b17f2d9
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8bc0fbe278984c76-MXP
Cache-Control
public, no-store, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Sep 2024 00:01:07 GMT
Expires
Sun, 01 Sep 2024 00:01:07 GMT
Last-Modified
Sun, 01 Sep 2024 00:01:07 GMT
Server
cloudflare
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
*
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-StackifyID
V2|87208335-6ace-47f4-ab28-394f47d1caa9|C62677|CD791
X-XSS-Protection
1; mode=block
bootstrap
client01-fundmgmt.coop.prod.360incentives.io/Content/themes/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Content/themes/bootstrap?v=DIZCu09W36eW9H8OnRZIU5HjAn9jT-QLD3myrA40k2I1
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|6c69c5fc-1311-49ef-b21a-e3f654872839|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe75f14bb0b-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
styles
client01-fundmgmt.coop.prod.360incentives.io/Content/themes/base/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Content/themes/base/styles?v=44rUzHeHI2vyEuaG0iydIx6Za6IjmzRS4gIvBLGAzSc1
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:07 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|65e3659a-dfc8-45c5-815b-dfcee16e3579|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe76c804c76-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:07 GMT
MainStyles
client01-fundmgmt.coop.prod.360incentives.io/Content/themes/styles/ 		93 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Content/themes/styles/MainStyles?v=gkCIOvu_ffRnLCL34LJlJ6X6xJhO5AenU7yw6uB3CE41
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01d71ec454e5688fec7309e988abc4f402e076b91af211ecb665a4b1cd7bd05
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|7d8efc8a-0567-48d7-aeb2-c2c58d5bdf02|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe89d694c76-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
css
client01-fundmgmt.coop.prod.360incentives.io/client/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/client/css
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd3149af605946cfe92373a4ecedc0aa22b93ed038b57553b3d52bf497f90a3
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|bae86c8b-5c84-4061-868a-c9fa41ccc74e|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe9ec774bef-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:08 GMT
jquery
client01-fundmgmt.coop.prod.360incentives.io/bundles/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/bundles/jquery?v=vj1PQFqY1DpOo-avThwudeWjX9yUE4sZvBWq1S3s_3Q1
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
061910e6f6ad2adf1b81b76e5ab37515765ee9adfc501048bd619a4b91c3eb35
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|78deff13-d415-47f9-b28a-a0b5784077da|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe9ed600e5d-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
kendo.all.min.js
client01-fundmgmt.coop.prod.360incentives.io/Scripts/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Scripts/kendo.all.min.js
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc1b18e4f562ec67ee35183073f7bc8abceb481802222df05b2e95a34532502
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
MISS
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 27 Aug 2024 18:15:00 GMT
Server
cloudflare
ETag
W/"06a847adf8da1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=432000
CF-RAY
8bc0fbe9fa3ebb11-MXP
Expires
Fri, 06 Sep 2024 00:01:08 GMT
Common
client01-fundmgmt.coop.prod.360incentives.io/Scripts/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Scripts/Common?v=L_VFa-Znp5Ec9fjxRmKF4M4HNbfxN3yE4Mpj4yRFLq81
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88acd849a95b9961213da28d505cc2ce6837bd9f1002f5e14b10c45b90e45fd1
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|11f1f4c9-4c18-42bb-8bf7-c18d469f08cd|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbe9f89c5a43-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
angular
client01-fundmgmt.coop.prod.360incentives.io/bundles/ 		281 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eceeb60527d7860b103c85610095a88c4e6198c30d1e9c80573516338a849443
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|cc5e7655-05f1-476e-b40f-ff45d79ec0f7|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbea9f3f4c76-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
Login
client01-fundmgmt.coop.prod.360incentives.io/bundles/ 		377 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd5313139139029fb3c07613da3f6420a02be3c049b954eea944020f067c794
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|4f1f77ac-6d23-4151-946b-14cceb30c6cd|C62677|CD791
Cache-Control
public
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbeca8a44c76-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Mon, 01 Sep 2025 00:01:08 GMT
Logo
client01-fundmgmt.coop.prod.360incentives.io/client/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/client/Logo?isClient=True
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772e1d8a114e704392c1e98db01bb9b591ffad244b192e3b3506b53705d41770
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Content-Length
61484
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:08 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-StackifyID
V2|e784f8e1-a4d7-4c1c-88e1-24670142d237|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbedcece4bef-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:08 GMT
GetPortalLanguages
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetPortalLanguages
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/jquery?v=vj1PQFqY1DpOo-avThwudeWjX9yUE4sZvBWq1S3s_3Q1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17371253f86b2387cc28f4c612605efe021411c77e522fdc1b3293c74bd7a75e
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:10 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|1832d4a4-5b67-4fdc-b1d3-ea04c5b9a097|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbf81d21bb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:10 GMT
GetTermsAndConditions
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetTermsAndConditions
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/jquery?v=vj1PQFqY1DpOo-avThwudeWjX9yUE4sZvBWq1S3s_3Q1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020b6e56e22bd550c47c81cf8811b574b3655fa956e724649137bbf8f55f5f51
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:11 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|9e29b7d6-81b3-4c66-8d8b-b761f536e789|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbfc186bbb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:11 GMT
GetTermsAndConditionsActive
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetTermsAndConditionsActive
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/jquery?v=vj1PQFqY1DpOo-avThwudeWjX9yUE4sZvBWq1S3s_3Q1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020b6e56e22bd550c47c81cf8811b574b3655fa956e724649137bbf8f55f5f51
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:11 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|4401fb60-3355-461a-980d-7cbd29312b76|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbfd5965bb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:11 GMT
GetPortalLanguages
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetPortalLanguages
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020b6e56e22bd550c47c81cf8811b574b3655fa956e724649137bbf8f55f5f51
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:11 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|7ab4de90-e218-463c-bd8d-f158de9aebfd|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fbfeda99bb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:11 GMT
GetTermsAndConditions
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetTermsAndConditions
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020b6e56e22bd550c47c81cf8811b574b3655fa956e724649137bbf8f55f5f51
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:11 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|116f2418-8ec7-47ba-adee-69d25010a4bc|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fc004b8cbb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:11 GMT
GetTermsAndConditionsActive
client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/undefinedAdmin/GetTermsAndConditionsActive
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3cc3348a618d98d1ec1670b22e3cae4793a742a4718e445a34da128f6a68dd
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:11 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|193268ad-e575-4839-a284-c50bfbd7286f|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fc018c7dbb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:11 GMT
kendo.culture.en-US.js
qg9mnddibzrvtp4vax9cnaae.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Scripts/KendoResource/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qg9mnddibzrvtp4vax9cnaae.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Scripts/KendoResource/kendo.culture.en-US.js
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.235.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Last-Modified
Thu, 26 Sep 2019 15:02:17 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nyxKgKBA3V59xE+/VJq2Fw==
ETag
"0x8D7429285D9FE3D"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
62c2af07-f01e-007c-6002-fc176e000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
2666
Nunito-Regular.ttf
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Fonts/ 		111 KB
112 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Fonts/Nunito-Regular.ttf
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/client/css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.245.198 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
96a2bf793dd663407f49bcd219fe5abca8d52ce98d47b6063e3843db5d17bcdd

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
Origin
https://client01-fundmgmt.coop.prod.360incentives.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Last-Modified
Tue, 18 Jun 2019 15:41:50 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ZbsKFY7hlnKS7k0RB51Frg==
ETag
"0x8D6F4037B481172"
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
9d92649f-401e-0050-3c02-fcc923000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
113832
Nunito-Bold.ttf
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Fonts/ 		113 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/11111111-1111-1111-1111-111111111111/11111111-1111-1111-1111-111111111111/Fonts/Nunito-Bold.ttf
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/client/css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.245.198 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4525fec0d2f1821c3ab039bd089130ed65f14282495321dd768a6bfb34b75902

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
Origin
https://client01-fundmgmt.coop.prod.360incentives.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Last-Modified
Tue, 18 Jun 2019 15:41:48 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
b0e8/AZXkPAu08uLUb71bw==
ETag
"0x8D6F40379E2B729"
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
968c7a94-701e-0074-1c02-fc3f83000000
Access-Control-Expose-Headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
115852
GetLanguageRerouces
client01-fundmgmt.coop.prod.360incentives.io/api/Resource/ 		239 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=1&_=1725148871470
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4409575414e462b30afa8c318e602941cf35b39c362204d9937864c6ae7f537d
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|f07ed53a-febf-4768-9622-8b8155569d64|C62677|CD791
Cache-Control
no-cache
CF-RAY
8bc0fc030d87bb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
-1
GetLanguageRerouces
client01-fundmgmt.coop.prod.360incentives.io/api/Resource/ 		239 KB
77 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=1&_=1725148871471
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/Login?v=qGI7CkLwUSVjRn5qCAZ4jDEl5sU9Hi6AsGPXROB5Z241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4409575414e462b30afa8c318e602941cf35b39c362204d9937864c6ae7f537d
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|9a110e64-cabf-4ab2-9f92-f4bd7862f55b|C62677|CD791
Cache-Control
no-cache
CF-RAY
8bc0fc064fbbbb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
-1
GetEnableSelfRegistration
client01-fundmgmt.coop.prod.360incentives.io/Admin/ 		4 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Admin/GetEnableSelfRegistration?groupID=9
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Content-Length
4
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:13 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|19713b5e-db34-4e34-bb10-66bb694b9354|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fc08a9aabb11-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:13 GMT
GetPrivacyPolicybyType
client01-fundmgmt.coop.prod.360incentives.io/Admin/ 		540 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/Admin/GetPrivacyPolicybyType?privacyPolicyType=ALL&brandId=0&langCode=
Requested by
Host: client01-fundmgmt.coop.prod.360incentives.io
URL: https://client01-fundmgmt.coop.prod.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a767fbafc3483de93499dd147808afb80adb10f12245582de28b813875a2c
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:13 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-StackifyID
V2|8befd962-7dd0-46fb-b2cb-ee99937417ad|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fc08a9cd4bef-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:13 GMT
Favicon
client01-fundmgmt.coop.prod.360incentives.io/client/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://client01-fundmgmt.coop.prod.360incentives.io/client/Favicon?isClient=True&t=08312024200107
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b813c47b2aafa2b99ab6febeac042ea9f2066aca9627c0b5cea4c2c71e14deb9
Security Headers
Name Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client01-fundmgmt.coop.prod.360incentives.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 00:01:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src: https:; frame-ancestors 'self'
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 01 Sep 2024 00:01:13 GMT
Server
cloudflare
Vary
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
X-StackifyID
V2|ab39c57a-27ac-42b1-9a4d-33c15d75111c|C62677|CD791
Cache-Control
public, no-store, max-age=0
X-Frame-Options
SAMEORIGIN
CF-RAY
8bc0fc09ef990e5d-MXP
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type
Expires
Sun, 01 Sep 2024 00:01:13 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| kendo object| KendoLicensing function| GetAllResources function| dialogfunction function| dialogfunctionWithOutClose function| GetPermission function| MM_goToURL function| OpenWindow function| ToJavaScriptDate function| ValidateDate function| ValidateFullDate function| AddingDaysToTextFormatDate function| ValidateStartDate function| ValidateEndDate function| CloseBrowerCompatability function| getFormattedDate function| getNumberFromFormattedCurrencyString function| getMaxDate function| getMinDate function| hasInValidValue function| resolveInitialData function| loadResources function| generateUniqueId function| clean function| GetEnglishResources function| IsUserTitleExists function| IsValidGroupURL function| GetPeriodAssingnment function| GetCustomerGroupId function| getExactMatch function| GetCapRules function| GetApprovedClaimsAmount function| addTargetBlank function| GetLanguages function| GetBrandTnCAcknowledgements function| GetTermsAndConditionsActive function| GetTnCAckonwledgementByCulture string| hostAddress object| Resources object| LangKeys object| hurl string| code string| requiredfield_class string| red_text string| accordianCls string| vendorUserTitle string| iqenseSuperUserTitle string| dealerUserTitle string| readOnlyUserTitle object| onlyNumbers object| DateRegEx object| EmailPattern object| WedAddressPattern object| onlyNumbersandLetters object| NumbersLettersandSpecialCharacters number| uploadFilesLimitforSingleTime string| FileNameofClaimSearch object| BookmarkedRecordType object| ObjectType object| MediaDocumentTypes object| FundPeriodAssignment object| ControlMaximumActivityEndDateby object| ReserveBalanceAt object| ShowHideFundsDropDownScreen number| MaxBudgetPercentage number| ManimumBudgetPercentage object| FundApprovalStatus object| TransTypes object| FundTypes object| comparisonOperators object| PlanActivity object| PAStatus object| CampaignSelection object| CampaignRequired object| PermissionTypes object| UserTitles object| FileDocType object| BrandLanguages object| lstTnCAcknowledgements function| saveAs object| angular function| moment function| SetTestingIdsLogin function| SetTestIDLogin function| SetTestingIdsFooter function| SetTestIDFooter object| myApp string| contentAddress string| sessionTimeOut string| SessionExpireRemainderMinutes string| logoutUrl string| lnkPrivacyPolicy string| brandId string| clientGuid string| brandGuid

4 Cookies

Domain/Path Name / Value
client01-fundmgmt.coop.prod.360incentives.io/ Name: ASP.NET_SessionId
Value: lwn5uqfqr4rupytlj0cm2xhw
.client01-fundmgmt.coop.prod.360incentives.io/ Name: ARRAffinity
Value: ab50b1ac6051a1a1f2af0ec34b4bb711e9b3a13af439fda988476d74e5d56914
.client01-fundmgmt.coop.prod.360incentives.io/ Name: ARRAffinitySameSite
Value: ab50b1ac6051a1a1f2af0ec34b4bb711e9b3a13af439fda988476d74e5d56914
.client01-fundmgmt.coop.prod.360incentives.io/ Name: __cf_bm
Value: 4xXk9K40QZpOOy8U30Ep7uscr2tL5OVDsTNnUaHpoOc-1725148867-1.0.1.1-znatvONlogM0Kf_xh8JOkEA80ntBjaoqhUgDGS.mcxtQ4Bbh1JCvZHcKd5HPJIe6kiUSKl.T3nMmh5Fhd5IU2w

2 Console Messages

Source Level URL
Text
security error URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Message:
The Content-Security-Policy directive name 'default-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
recommendation verbose URL: https://client01-fundmgmt.coop.prod.360incentives.io/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src: https:; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client01-fundmgmt.coop.prod.360incentives.io
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net
qg9mnddibzrvtp4vax9cnaae.z19.web.core.windows.net
172.66.0.35
20.60.245.198
52.239.235.1
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
020b6e56e22bd550c47c81cf8811b574b3655fa956e724649137bbf8f55f5f51
061910e6f6ad2adf1b81b76e5ab37515765ee9adfc501048bd619a4b91c3eb35
17371253f86b2387cc28f4c612605efe021411c77e522fdc1b3293c74bd7a75e
1e0a4277a80bdf56016abefb83d1d20a8bdaae567a47c51de0b352bd8b17f2d9
4409575414e462b30afa8c318e602941cf35b39c362204d9937864c6ae7f537d
4525fec0d2f1821c3ab039bd089130ed65f14282495321dd768a6bfb34b75902
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4
668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30
6c3cc3348a618d98d1ec1670b22e3cae4793a742a4718e445a34da128f6a68dd
6dd3149af605946cfe92373a4ecedc0aa22b93ed038b57553b3d52bf497f90a3
772e1d8a114e704392c1e98db01bb9b591ffad244b192e3b3506b53705d41770
88acd849a95b9961213da28d505cc2ce6837bd9f1002f5e14b10c45b90e45fd1
96a2bf793dd663407f49bcd219fe5abca8d52ce98d47b6063e3843db5d17bcdd
9fd5313139139029fb3c07613da3f6420a02be3c049b954eea944020f067c794
a01d71ec454e5688fec7309e988abc4f402e076b91af211ecb665a4b1cd7bd05
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b813c47b2aafa2b99ab6febeac042ea9f2066aca9627c0b5cea4c2c71e14deb9
ba4a767fbafc3483de93499dd147808afb80adb10f12245582de28b813875a2c
dbc1b18e4f562ec67ee35183073f7bc8abceb481802222df05b2e95a34532502
eceeb60527d7860b103c85610095a88c4e6198c30d1e9c80573516338a849443