client03-fundmgmt.coop.test.360incentives.io Open in urlscan Pro
2606:4700:7::23  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response client03-fundmgmt.coop.test.360incentives.io/	8 KB 9 KB	1056ms 988ms	Document text/html	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40ba0cfeb335ffd714afafa8fb05773e25f6094f462c354f12f8f32838fbf8f7 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * cache-control public, no-store, max-age=0 cf-cache-status DYNAMIC cf-ray 8e5dff7e9d72d364-FRA content-security-policy default-src: https:; frame-ancestors 'self' content-type text/html; charset=utf-8 date Thu, 21 Nov 2024 04:39:49 GMT expires Thu, 21 Nov 2024 04:39:48 GMT last-modified Thu, 21 Nov 2024 04:39:48 GMT server cloudflare strict-transport-security max-age=63072000; includeSubDomains; preload vary * x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	bootstrap client03-fundmgmt.coop.test.360incentives.io/Content/themes/	118 KB 118 KB	202ms 196ms	Stylesheet text/css	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/bootstrap?v=DIZCu09W36eW9H8OnRZIU5HjAn9jT-QLD3myrA40k2I1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/css; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de24d364-FRA access-control-allow-origin * content-length 120548 x-xss-protection 1; mode=block server cloudflare
GET H2	200	styles client03-fundmgmt.coop.test.360incentives.io/Content/themes/base/	24 KB 24 KB	557ms 552ms	Stylesheet text/css	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/base/styles?v=44rUzHeHI2vyEuaG0iydIx6Za6IjmzRS4gIvBLGAzSc1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/css; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de25d364-FRA access-control-allow-origin * content-length 24332 x-xss-protection 1; mode=block server cloudflare
GET H2	200	MainStyles client03-fundmgmt.coop.test.360incentives.io/Content/themes/styles/	93 KB 93 KB	555ms 549ms	Stylesheet text/css	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Content/themes/styles/MainStyles?v=Vbr2YM_8sz--6NMfGAiepCTIh3Bef6kVQRzIHrHZMEs1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d3a744532d1a54ed52c40a1408f478f67f8faed800220c778bac4f4ca2a3db5 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/css; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de29d364-FRA access-control-allow-origin * content-length 95451 x-xss-protection 1; mode=block server cloudflare
GET H2	200	css client03-fundmgmt.coop.test.360incentives.io/client/	10 KB 10 KB	550ms 544ms	Stylesheet text/css	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/client/css Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4a172348794f143519b092f2a4b83b577cdd83ad6ef55a45b31863d4a8f2119 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Thu, 21 Nov 2024 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/css; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary * x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, no-store, max-age=0 cf-ray 8e5dff84de2bd364-FRA access-control-allow-origin * content-length 10159 x-xss-protection 1; mode=block server cloudflare
GET H2	200	jquery Show response client03-fundmgmt.coop.test.360incentives.io/bundles/	99 KB 99 KB	541ms 536ms	Script text/javascript	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/bundles/jquery?v=9i1F8QNDQ0CofWZuNu1ALdJ-1ZcQi3XiM_AEb-lznc01 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59ba07d8f804148e70eeb23cc79e8fb5f16895c35eff5471b6af42ea7661f8d3 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de2dd364-FRA access-control-allow-origin * content-length 101223 x-xss-protection 1; mode=block server cloudflare
GET H2	200	kendo.all.min.js Show response client03-fundmgmt.coop.test.360incentives.io/Scripts/	5 MB 5 MB	41ms 36ms	Script application/x-javascript	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Scripts/kendo.all.min.js Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbc1b18e4f562ec67ee35183073f7bc8abceb481802222df05b2e95a34532502 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status HIT etag "0fa3255f37db1:0" age 262015 x-content-type-options nosniff expires Tue, 26 Nov 2024 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type application/x-javascript last-modified Fri, 15 Nov 2024 13:06:12 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, max-age=432000 cf-ray 8e5dff84de2ed364-FRA accept-ranges bytes content-length 5335570 x-xss-protection 1; mode=block server cloudflare
GET H2	200	Common Show response client03-fundmgmt.coop.test.360incentives.io/Scripts/	17 KB 17 KB	548ms 543ms	Script text/javascript	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Scripts/Common?v=IaxsnfREzrhAY0tDBdU0L8HnKqwiumxfANmQh68UNoM1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d6d5e3ed5dba44c425bba46ed666a310c7d6c92880075bbdfab299e5726ab90 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de2fd364-FRA access-control-allow-origin * content-length 17307 x-xss-protection 1; mode=block server cloudflare
GET H2	200	angular Show response client03-fundmgmt.coop.test.360incentives.io/bundles/	281 KB 282 KB	558ms 553ms	Script text/javascript	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eceeb60527d7860b103c85610095a88c4e6198c30d1e9c80573516338a849443 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de30d364-FRA access-control-allow-origin * content-length 288248 x-xss-protection 1; mode=block server cloudflare
GET H2	200	Login Show response client03-fundmgmt.coop.test.360incentives.io/bundles/	378 KB 379 KB	555ms 551ms	Script text/javascript	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=ZIvEjwT6svfwFVW_NdCBFf2ADaWYum_vbZNrnJcH2Wg1 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12fb7bad1e1f83be5041f3b640fb2726870d01a648fdf7bd945d9dc37a9323c0 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Fri, 21 Nov 2025 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:49 GMT vary User-Agent x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public cf-ray 8e5dff84de31d364-FRA access-control-allow-origin * content-length 387539 x-xss-protection 1; mode=block server cloudflare
GET H2	200	Logo client03-fundmgmt.coop.test.360incentives.io/client/	4 KB 4 KB	555ms 550ms	Image image/png	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://client03-fundmgmt.coop.test.360incentives.io/client/Logo?isClient=True Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dafb2cdc1af0ef24aed4510ca06ef898736e9be64ef3b884bc4401705c7cf83f Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Thu, 21 Nov 2024 04:39:49 GMT date Thu, 21 Nov 2024 04:39:49 GMT content-type image/png last-modified Thu, 21 Nov 2024 04:39:49 GMT vary * x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, no-store, max-age=0 cf-ray 8e5dff84de33d364-FRA access-control-allow-origin * content-length 4006 x-xss-protection 1; mode=block server cloudflare
GET H/1.1	200 OK	kendo.culture.en-US.js Show response g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/615b464a-4176-4d23-b35a-55326238e04b/5ddd93f0-30b2-4f92-8f4f-dc50db48d4e5/Scripts/KendoResource/	3 KB 3 KB	715ms 195ms	Script application/javascript	20.60.245.198 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net/clients/615b464a-4176-4d23-b35a-55326238e04b/5ddd93f0-30b2-4f92-8f4f-dc50db48d4e5/Scripts/KendoResource/kendo.culture.en-US.js Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=ZIvEjwT6svfwFVW_NdCBFf2ADaWYum_vbZNrnJcH2Wg1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.60.245.198 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers Content-MD5 nyxKgKBA3V59xE+/VJq2Fw== Access-Control-Expose-Headers Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version x-ms-version 2018-03-28 ETag "0x8DD0944CC6BABF7" x-ms-request-id 50012b8c-101e-0000-71cf-3b0b73000000 Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 2666 Date Thu, 21 Nov 2024 04:39:51 GMT Content-Type application/javascript Last-Modified Wed, 20 Nov 2024 09:22:04 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	GetLanguageRerouces Show response client03-fundmgmt.coop.test.360incentives.io/api/Resource/	237 KB 238 KB	227ms 225ms	XHR application/json	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=411&_=1732163990454 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=ZIvEjwT6svfwFVW_NdCBFf2ADaWYum_vbZNrnJcH2Wg1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8002884d5624f14056c2b068ee0d406bf40509cea6424d3aaf552fdcc4b75b72 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://client03-fundmgmt.coop.test.360incentives.io/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires -1 date Thu, 21 Nov 2024 04:39:50 GMT content-type application/json; charset=utf-8 x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control no-cache pragma no-cache cf-ray 8e5dff8cf924d364-FRA access-control-allow-origin * content-length 242798 x-xss-protection 1; mode=block server cloudflare
GET H2	200	GetLanguageRerouces Show response client03-fundmgmt.coop.test.360incentives.io/api/Resource/	237 KB 237 KB	190ms 190ms	XHR application/json	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/api/Resource/GetLanguageRerouces?cultureCode=en-US&brandId=411&_=1732163990455 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/Login?v=ZIvEjwT6svfwFVW_NdCBFf2ADaWYum_vbZNrnJcH2Wg1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8002884d5624f14056c2b068ee0d406bf40509cea6424d3aaf552fdcc4b75b72 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://client03-fundmgmt.coop.test.360incentives.io/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires -1 date Thu, 21 Nov 2024 04:39:51 GMT content-type application/json; charset=utf-8 x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control no-cache pragma no-cache cf-ray 8e5dff8f4bdfd364-FRA access-control-allow-origin * content-length 242798 x-xss-protection 1; mode=block server cloudflare
GET H2	200	GetEnableSelfRegistration Show response client03-fundmgmt.coop.test.360incentives.io/Admin/	5 B 232 B	210ms 209ms	XHR application/json	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Admin/GetEnableSelfRegistration?groupID=9 Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Thu, 21 Nov 2024 04:39:51 GMT date Thu, 21 Nov 2024 04:39:51 GMT content-type application/json; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:51 GMT vary * x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, no-store, max-age=0 cf-ray 8e5dff92f884d364-FRA access-control-allow-origin * content-length 5 x-xss-protection 1; mode=block server cloudflare
GET H2	200	GetPrivacyPolicybyType Show response client03-fundmgmt.coop.test.360incentives.io/Admin/	526 B 761 B	206ms 206ms	XHR application/json	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/Admin/GetPrivacyPolicybyType?privacyPolicyType=ALL&brandId=0&langCode= Requested by Host: client03-fundmgmt.coop.test.360incentives.io URL: https://client03-fundmgmt.coop.test.360incentives.io/bundles/angular?v=8gRWX-t0wIQQcx58CyvMveKm-iEkSyScKlIjvmX291A1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 490cf8f99bc3fb4d93889e0da3bbb590d09121694151c4a3f205ba8b24792a09 Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Thu, 21 Nov 2024 04:39:51 GMT date Thu, 21 Nov 2024 04:39:51 GMT content-type application/json; charset=utf-8 last-modified Thu, 21 Nov 2024 04:39:51 GMT vary * x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, no-store, max-age=0 cf-ray 8e5dff92f885d364-FRA access-control-allow-origin * content-length 526 x-xss-protection 1; mode=block server cloudflare
GET H2	200	Favicon client03-fundmgmt.coop.test.360incentives.io/client/	7 KB 7 KB	169ms 168ms	Other image/x-icon	2606:4700:7::23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client03-fundmgmt.coop.test.360incentives.io/client/Favicon?isClient=True&t=11202024233949 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f89ae810196b8d796556d8b388daf83199a8c02ccdf7d1db4f271742b201befc Security Headers Name Value Content-Security-Policy default-src: https:; frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://client03-fundmgmt.coop.test.360incentives.io/ Response headers cf-cache-status DYNAMIC access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS x-content-type-options nosniff expires Thu, 21 Nov 2024 04:39:51 GMT date Thu, 21 Nov 2024 04:39:51 GMT content-type image/x-icon last-modified Thu, 21 Nov 2024 04:39:51 GMT vary * x-frame-options SAMEORIGIN access-control-allow-headers Origin,X-Requested-With,Content-Type strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src: https:; frame-ancestors 'self' cache-control public, no-store, max-age=0 cf-ray 8e5dff94eac8d364-FRA access-control-allow-origin * content-length 7406 x-xss-protection 1; mode=block server cloudflare

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| kendo object| KendoLicensing function| GetAllResources function| dialogfunction function| dialogfunctionWithOutClose function| GetPermission function| MM_goToURL function| OpenWindow function| ToJavaScriptDate function| ValidateDate function| ValidateFullDate function| AddingDaysToTextFormatDate function| ValidateStartDate function| ValidateEndDate function| CloseBrowerCompatability function| getFormattedDate function| getNumberFromFormattedCurrencyString function| getMaxDate function| getMinDate function| hasInValidValue function| resolveInitialData function| loadResources function| generateUniqueId function| clean function| GetEnglishResources function| IsUserTitleExists function| IsValidGroupURL function| GetPeriodAssingnment function| GetCustomerGroupId function| getExactMatch function| GetCapRules function| GetApprovedClaimsAmount function| addTargetBlank function| GetLanguages function| GetBrandTnCAcknowledgements function| GetTermsAndConditionsActive function| GetTnCAckonwledgementByCulture function| AttributesValidation string| hostAddress object| Resources object| LangKeys object| hurl string| code string| requiredfield_class string| red_text string| accordianCls string| vendorUserTitle string| iqenseSuperUserTitle string| dealerUserTitle string| readOnlyUserTitle object| onlyNumbers object| DateRegEx object| EmailPattern object| WedAddressPattern object| onlyNumbersandLetters object| NumbersLettersandSpecialCharacters number| uploadFilesLimitforSingleTime string| FileNameofClaimSearch object| BookmarkedRecordType object| ObjectType object| MediaDocumentTypes object| FundPeriodAssignment object| ControlMaximumActivityEndDateby object| ReserveBalanceAt object| ShowHideFundsDropDownScreen number| MaxBudgetPercentage number| ManimumBudgetPercentage object| FundApprovalStatus object| TransTypes object| FundTypes object| comparisonOperators object| PlanActivity object| PAStatus object| CampaignSelection object| CampaignRequired object| PermissionTypes object| UserTitles object| FileDocType object| BrandLanguages object| lstTnCAcknowledgements function| saveAs object| angular function| moment function| SetTestingIdsLogin function| SetTestIDLogin function| SetTestingIdsFooter function| SetTestIDFooter object| myApp string| contentAddress string| sessionTimeOut string| SessionExpireRemainderMinutes string| logoutUrl string| brandId string| clientGuid string| brandGuid

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			client03-fundmgmt.coop.test.360incentives.io/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uhpmkkmuuq1mmx4ib4vs4ijd
			.client03-fundmgmt.coop.test.360incentives.io/	1970-01-21 01:09:25	Name: __cf_bm Value: G2_DmTXfy6Xe6imwArINwJl1e.qPIWvKMrSna8lDFVo-1732163989-1.0.1.1-N9KAllH8KSAUfkPoxKp4oHE34xt2eqOC8wH9AS4PXtJF._c8iXzP8LiXfgzO0h0tflMEEr8RupwPCRBRPTYMvQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://client03-fundmgmt.coop.test.360incentives.io/ Message: The Content-Security-Policy directive name 'default-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
recommendation	verbose	URL: https://client03-fundmgmt.coop.test.360incentives.io/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src: https:; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client03-fundmgmt.coop.test.360incentives.io
g5cso61lbdnaswuamcuquw6k.z19.web.core.windows.net
20.60.245.198
2606:4700:7::23
009a653121734b439abf2d5ef7ba0519c457ba504997ae92a5d6dbc11e9728c2
12fb7bad1e1f83be5041f3b640fb2726870d01a648fdf7bd945d9dc37a9323c0
40ba0cfeb335ffd714afafa8fb05773e25f6094f462c354f12f8f32838fbf8f7
490cf8f99bc3fb4d93889e0da3bbb590d09121694151c4a3f205ba8b24792a09
59ba07d8f804148e70eeb23cc79e8fb5f16895c35eff5471b6af42ea7661f8d3
65d780bc2bd0ca6b5b2b6b44189b41028b1a29398e97feba9825e13f6b7f86a4
668e763dbd8cf860d831547dbb572b12fe1c4b61095c24578cb57c8104198c30
8002884d5624f14056c2b068ee0d406bf40509cea6424d3aaf552fdcc4b75b72
8d3a744532d1a54ed52c40a1408f478f67f8faed800220c778bac4f4ca2a3db5
9d6d5e3ed5dba44c425bba46ed666a310c7d6c92880075bbdfab299e5726ab90
b4a172348794f143519b092f2a4b83b577cdd83ad6ef55a45b31863d4a8f2119
dafb2cdc1af0ef24aed4510ca06ef898736e9be64ef3b884bc4401705c7cf83f
dbc1b18e4f562ec67ee35183073f7bc8abceb481802222df05b2e95a34532502
eceeb60527d7860b103c85610095a88c4e6198c30d1e9c80573516338a849443
f89ae810196b8d796556d8b388daf83199a8c02ccdf7d1db4f271742b201befc
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa