urlscan.io logo urlscan.io
SecurityTrails logo

www.controlpayadvanced.com Open in urlscan Pro
45.60.47.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.controlpayadvanced.com/
Effective URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 36 HTTP transactions. The main IP is 45.60.47.96, located in United States and belongs to INCAPSULA, US. The main domain is www.controlpayadvanced.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on April 16th 2024. Valid for: 6 months.
This is the only time www.controlpayadvanced.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 45.60.47.96 19551 (INCAPSULA)
36 1
Apex Domain
Subdomains		 Transfer
37 controlpayadvanced.com
www.controlpayadvanced.com
1005 KB
36 1
Domain Requested by
37 www.controlpayadvanced.com 1 redirects www.controlpayadvanced.com
36 1

This site contains links to these domains. Also see Links.

Domain
www.wexinc.com
www.wexasia.com
www.w3.org
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-04-16 -
2024-10-13		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Frame ID: 8C9A2159C65CB05FDF1CE377C61F178A
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Commerce | Commerce Bank Visa Card Maintenance

Page URL History Show full URLs

  1. https://www.controlpayadvanced.com/ HTTP 302
    https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1004 kB
Transfer

2597 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.controlpayadvanced.com/ HTTP 302
    https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request welcome.aspx
www.controlpayadvanced.com/
Redirect Chain
  • https://www.controlpayadvanced.com/
  • https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
53 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
36ba7ed946e88705843b0fa40e27eafe1c936aa0fcf2aa2911c5adbb99fa3b52
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 05:41:22 GMT
expires
-1
pragma
no-cache
referrer-policy
same-origin
server
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
12-1135786-1135790 PNNN RT(1720503681743 391) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
144
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 05:41:21 GMT
location
/welcome.aspx?ReturnUrl=%2f
referrer-policy
same-origin
server
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
12-1135786-1135790 NNNN CT(80 163 0) RT(1720503681743 32) q(0 0 3 1) r(4 4) U11
x-xss-protection
1; mode=block
BrandedDynamicBootstrap.ashx
www.controlpayadvanced.com/AppResource/ 		337 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
10274213b3162f12ce90cedc6326abbe4f945f6269aac169b4bd325f7d809e43
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135800 NNNN CT(79 82 0) RT(1720503681743 589) q(0 0 1 -1) r(4 4) U18
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 08 Jul 2024 18:06:52 GMT
server
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=900
expires
Tue, 09 Jul 2024 05:56:23 GMT
jquery
www.controlpayadvanced.com/bundles/ 		384 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/jquery?nocache=1AQoIwsSqM_-fQUza2eO_uyBpjbCXXnZ5kZQZL0ZqT01
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d40428230b12a8cffe7d05336b678efeec81a636c25d79d9e6465064bd19a93d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135804 NNNN CT(78 79 0) RT(1720503681743 597) q(0 0 1 -1) r(3 3) U18
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
bootstrap
www.controlpayadvanced.com/bundles/ 		185 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/bootstrap?nocache=Je5oUGWTaXLeIuyd_w2WSVGCXUBsfsiztI_2Lar9Udc1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
25ee685065936972de22ec9dff0d964951825d406c7ec8b3b48ff62daafd51d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135806 NNNN CT(80 80 0) RT(1720503681743 599) q(0 0 2 -1) r(3 3) U18
content-length
64637
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
systemFramework
www.controlpayadvanced.com/bundles/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/systemFramework?nocache=6OYyKzg2PeFZ3WGTLmLDHilcYoxqNLdSy2YTG6njIic1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e8e6322b38363de159dd61932e62c31e295c628c6a34b752cb66131ba9e32227
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135808 NNNN CT(78 80 0) RT(1720503681743 600) q(0 0 2 -1) r(2 2) U18
content-length
3816
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
siteCss
www.controlpayadvanced.com/bundles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/siteCss
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
16fa4a8e16131e4ea2a5842227449676caf4c2b3f262beef8c15ab00299ed868
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:22 GMT
x-iinfo
12-1135786-1135802 NNNN CT(79 81 0) RT(1720503681743 593) q(0 0 1 -1) r(2 2) U18
content-length
961
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
json.js
www.controlpayadvanced.com/appResource/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/json.js?nocache=RcP5FqxJM8KcpSrokNuUOnz6BjiY8qWx302pWkuEhIU1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2be4ba82d96a5fa566af17cdbdfd5323fb39b7197e1659d9a722ad6054952143

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1135016 2VNN RT(1720503681743 601) q(0 2 2 -1) r(5 5) U18
cache-control
max-age=1, public
content-length
1838
expires
Tue, 09 Jul 2024 05:41:24 GMT
bluebird.min.js
www.controlpayadvanced.com/appResource/js/ 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/bluebird.min.js?nocache=6pyOHqCoTkRxvFnp5tQDoxi-QWbtMX6yaxAaDZ-NRnI1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ea9c8e1ea0a84e4471bc59e9e6d403a318be4166ed317eb26b101a0d9f8d4672

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:40 GMT
x-cdn
Imperva
etag
"0c0eb3412a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134988 2VNN RT(1720503681743 603) q(0 2 2 -1) r(6 6) U18
cache-control
max-age=1, public
content-length
28908
expires
Tue, 09 Jul 2024 05:41:24 GMT
msal-browser.min.js
www.controlpayadvanced.com/appResource/js/ 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/msal-browser.min.js?nocache=9kHWH0wPdQVPj7sIP2Ro1MAqb5XJa1zCZH4XwpZ2C301
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f641d61f4c0f75054f8fbb083f6468d4c02a6f95c96b5cc2647e17c296760b7d

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1135014 2VNN RT(1720503681743 604) q(0 4 4 -1) r(4 4) U18
cache-control
max-age=1, public
content-length
50189
expires
Tue, 09 Jul 2024 05:41:24 GMT
TfsAutoFilerUi.js
www.controlpayadvanced.com/appResource/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/TfsAutoFilerUi.js?nocache=sj5v2YNjIPHDlpt_Qsh0RLvXHZyGO33dFmIOLmeD-Ts1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b23e6fd9836320f1c3969b7f42c87444bbd71d9c863b7ddd16620e2e6783f93b

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 22:35:58 GMT
x-cdn
Imperva
etag
"0dbda5025f3d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134992 2VNN RT(1720503681743 606) q(0 4 4 -1) r(7 7) U18
cache-control
max-age=1, public
content-length
4014
expires
Tue, 09 Jul 2024 05:41:24 GMT
TfsIntegrationAPI.js
www.controlpayadvanced.com/appResource/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/TfsIntegrationAPI.js?nocache=yQsfBJ9A95kbXn-xAk2WQ3dDEN6g0y60fdhfgGjKjWM1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
da0c5d15b2d2e951c676864e8e46bd567d29a7381a14c272ea265031efd70112

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:40 GMT
x-cdn
Imperva
etag
"0c0eb3412a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1135014 2VNN RT(1720503681743 607) q(0 5 5 -1) r(5 5) U18
cache-control
max-age=1, public
content-length
2346
expires
Tue, 09 Jul 2024 05:41:24 GMT
TestRailAPI.js
www.controlpayadvanced.com/appResource/js/ 		910 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/TestRailAPI.js?nocache=sFUiY4-rGGyIJSsWN2E5geejgdUxxxRaW-jgDMW3vR41
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f227dc13663ea5d3d2ed0985d76e1eb99abac55174f132742d8458bfff1c32cc

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:40 GMT
x-cdn
Imperva
etag
"0c0eb3412a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134389 2VNN RT(1720503681743 609) q(0 5 5 -1) r(7 7) U18
cache-control
max-age=1, public
content-length
629
expires
Tue, 09 Jul 2024 05:41:24 GMT
miniDom.js
www.controlpayadvanced.com/appResource/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/miniDom.js?nocache=CIJrqYZ8lc-NmW5b3yJMu8r67Y9C8CX7mqlOs_SX64E1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
08826ba9867c95cf8d996e5bdf224cbbcafaed8f42f025fb9aa94eb3f497eb81

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1132697 2VNN RT(1720503681743 611) q(0 5 5 -1) r(8 8) U18
cache-control
max-age=1, public
content-length
5949
expires
Tue, 09 Jul 2024 05:41:24 GMT
validation.js
www.controlpayadvanced.com/appResource/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/validation.js?nocache=7_lW4xn7tsCJeOWjX1C54KC5rBDUoeq-oA5cXaahEMQ1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a2683d9bb4b2aecedaa8e6b2a8cbc9baa2f47eb3be1c181c269e77a1fe4d4923

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134988 2VNN RT(1720503681743 611) q(0 6 6 -1) r(7 7) U18
cache-control
max-age=1, public
content-length
1843
expires
Tue, 09 Jul 2024 05:41:24 GMT
html2canvas.js
www.controlpayadvanced.com/appResource/js/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/html2canvas.js?nocache=VjxofsSU8HnrVbbOTupPgP4SZhmJcs9_T5HxVXdRK0A1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
563c687ec494f079eb55b6ce4eea4f80fe1266198972cf7f4f91f15577512b40

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134990 2VNN RT(1720503681743 612) q(0 7 7 -1) r(9 9) U18
cache-control
max-age=1, public
content-length
53757
expires
Tue, 09 Jul 2024 05:41:24 GMT
search
www.controlpayadvanced.com/bundles/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/search?nocache=o0QZO7Ww64os-ZLWT4J2V4POrSzRDtR-MfZBeUMD7c41
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a344193bb5b0eb8a2cf992d64f82765783cead2cd10ed47e31f641794303edce
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135800 PNNN RT(1720503681743 613) q(0 7 7 -1) r(8 8) U18
content-length
8441
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
sticky.js
www.controlpayadvanced.com/appResource/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/sticky.js?nocache=_Cc_1iol1QomrEgRcmFGPctiZVy6FsDiQlCOlYsV9oM1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6c09acc3d5ae9526ab9aaeb5e8645c42522b62fc5b62f9d64265a80166ed0970

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134988 2VNN RT(1720503681743 614) q(0 7 7 -1) r(8 8) U18
cache-control
max-age=1, public
content-length
2629
expires
Tue, 09 Jul 2024 05:41:24 GMT
modal
www.controlpayadvanced.com/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/modal?nocache=G3FRSS4MKo7bc667h4A_aDVVO8Ov3PK8CILrFkzCSNg1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1b7151492e0c2a8edb73aebb87803f6835553bc3afdcf2bc0882eb164cc248d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135804 PNNN RT(1720503681743 614) q(0 7 7 -1) r(9 9) U18
content-length
3387
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
controls
www.controlpayadvanced.com/bundles/ 		229 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/controls?nocache=2C4ha8fZX4TMRZJscq4fF1hVXHynIogmf8ja7cxXFK41
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d82e216bc7d95f84cc45926c72ae1f1758555c7ca72288267fc8daedcc5714ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135806 PNNN RT(1720503681743 615) q(0 7 7 -1) r(8 8) U18
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
timeoutWarning.js
www.controlpayadvanced.com/appResource/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/js/timeoutWarning.js?nocache=Tn4mtA4iJQDBLlRkm8zIXWWwq_fmO5kiApur1AbyfOA1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4e7e26b40e222500c12e54649bccc85d65b0abf7e63b9922029babd406f27ce0

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1135014 2VNN RT(1720503681743 616) q(0 8 8 -1) r(9 9) U18
cache-control
max-age=1, public
content-length
2185
expires
Tue, 09 Jul 2024 05:41:24 GMT
default.css
www.controlpayadvanced.com/appResource/highlight-js/styles/ 		959 B
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/highlight-js/styles/default.css?nocache=EwgGp2mDRF7zv2xdq9FGJ24hHNrc-Uk8DPB7B0C2F-I1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5893d5201dd33d0feb95bcd6284f840377162f38ae91bd29c3378d80cc390b1f

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:22 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:40 GMT
x-cdn
Imperva
etag
"0c0eb3412a5d91:0"
content-type
text/css
x-iinfo
12-1135786-1135014 2VNN RT(1720503681743 610) q(0 0 0 -1) r(3 3) U18
cache-control
max-age=1, public
content-length
510
expires
Tue, 09 Jul 2024 05:41:23 GMT
highlight.min.js
www.controlpayadvanced.com/appResource/highlight-js/ 		50 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/highlight-js/highlight.min.js?nocache=PEMKctA-cT35ftVObx_ZCCY7Sw-qRd7RxxbgC5sDE3s1
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a67598b40f34ce04a3f69faa0bafbf6dbd9fc9adf5a465f4300f7b31e61ceb20

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 05:41:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 14:02:40 GMT
x-cdn
Imperva
etag
"0c0eb3412a5d91:0"
content-type
application/javascript
x-iinfo
12-1135786-1134988 2VNN RT(1720503681743 617) q(0 8 8 -1) r(9 9) U18
cache-control
max-age=1, public
content-length
24629
expires
Tue, 09 Jul 2024 05:41:24 GMT
bootstraptable
www.controlpayadvanced.com/bundles/ 		277 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/bundles/bootstraptable?nocache=6_VGszviDpmTSk-8YMIOcFALs_yKUSLNfb8CcEGjlq81
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ebf546b33be20e99934a4fbc60c20e70500bb3fc8a5122cd7dbf027041a396af
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135800 PNNN RT(1720503681743 618) q(0 8 8 -1) r(9 9) U18
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Wed, 09 Jul 2025 05:41:23 GMT
WebResource.axd
www.controlpayadvanced.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZLkj8Y_am50hQ9Bp4Ej0HLzxlLB1ulmAGBOry8Ijo4uxT7d0cQ2&t=638459680569584809
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135808 PNNN RT(1720503681743 618) q(0 9 9 -1) r(10 10) U18
content-length
6007
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 14 Mar 2024 03:07:36 GMT
server
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
expires
Tue, 08 Jul 2025 12:26:48 GMT
ScriptResource.axd
www.controlpayadvanced.com/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1LvtZBXKuMVRuSHCMaJ7-aNQP598Ajl2nrx7UVb50wJUJNYVQadNNF6_ZhrCDEJ7pDBsMNyX2QfkUrp0bvo1v-PJ-XRMPxh0s7PtwDLAwmApH17CJQ2&t=ffffffffa8ad04d3
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135802 PNNN RT(1720503681743 619) q(0 9 9 -1) r(10 10) U18
content-length
5479
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 08 Jul 2024 12:26:48 GMT
server
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
expires
Tue, 08 Jul 2025 12:26:48 GMT
ScriptResource.axd
www.controlpayadvanced.com/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvqsSbsYI7EoTxotYcCjX0zXUWZ6RMpLqZ-atjFoQ_ZHpNUeG2pTlb8io6ZzvcscHPFEVhIRS-G_C59zp70HRFUD3Ifp35O5XND5UG6ushDGk6NeSz6Ew87Yq1gy2MqWYSxAUm2U1&t=74258c30
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135804 PNNN RT(1720503681743 620) q(0 9 9 -1) r(10 10) U18
content-length
25609
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 00:28:28 GMT
server
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
expires
Wed, 09 Jul 2025 00:28:28 GMT
ScriptResource.axd
www.controlpayadvanced.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OGxhVjl5BJ9l5syHhWAkVD96WRgK9cnS6wCN8kpYViry-YXVOygE5hnARBC3ykF5lZAvsRrMkzCVqvg2JM9sC4Po4AxYdaat3XELpD__4oPVhyMsUT9oQABA7oyKHwnBrpLy6pY1&t=74258c30
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
date
Tue, 09 Jul 2024 05:41:23 GMT
x-iinfo
12-1135786-1135790 PNNN RT(1720503681743 621) q(0 9 9 -1) r(10 10) U18
content-length
9984
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 08 Jul 2024 12:52:54 GMT
server
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
expires
Tue, 08 Jul 2025 12:52:54 GMT
_Incapsula_Resource
www.controlpayadvanced.com/ 		146 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1397551987
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bdcec7fd885b502703ca91623dedfc505c74b082577706524578e1946ac03a2e

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21012
content-type
application/javascript
BrandedImage.ashx
www.controlpayadvanced.com/AppResource/Graphic/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.controlpayadvanced.com/AppResource/Graphic/BrandedImage.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6&t=LoginBackground
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4d1a2464c946c25ecdecc7370e453f2b8e725d2959390e71547f38579ddf6085
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 09 Jul 2024 05:41:23 GMT
server
date
Tue, 09 Jul 2024 05:41:23 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-1135786-1135790 PNNN RT(1720503681743 1722) q(0 0 0 -1) r(1 1) U18
cache-control
public, max-age=900
content-length
60075
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 05:56:23 GMT
BrandedImage.ashx
www.controlpayadvanced.com/AppResource/Graphic/ 		21 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.controlpayadvanced.com/AppResource/Graphic/BrandedImage.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6&t=LoginLogo
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
24e5e6594951eb225f7c1ebad96ac58ee9007d1aee92c857e7bd9138fcf2e531
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 09 Jul 2024 05:41:24 GMT
server
date
Tue, 09 Jul 2024 05:41:24 GMT
content-encoding
gzip
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=utf8
x-iinfo
12-1135786-1135806 PNYN RT(1720503681743 1726) q(0 0 0 -1) r(6 6) U18
cache-control
public, max-age=900
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 05:56:24 GMT
OpenSans-Regular.woff2
www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Regular/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Regular/OpenSans-Regular.woff2?v=1.1.0
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Origin
https://www.controlpayadvanced.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 05:41:24 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
server
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-iinfo
12-1135786-1135804 PNNN RT(1720503681743 1765) q(0 0 0 -1) r(1 1) U2
cache-control
no-cache
accept-ranges
bytes
content-length
47016
x-xss-protection
1; mode=block
OpenSans-Semibold.woff2
www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Semibold/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Semibold/OpenSans-Semibold.woff2?v=1.1.0
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Origin
https://www.controlpayadvanced.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 05:41:24 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
server
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-iinfo
12-1135786-1135800 PNNN RT(1720503681743 1769) q(0 0 0 -1) r(1 1) U2
cache-control
no-cache
accept-ranges
bytes
content-length
63728
x-xss-protection
1; mode=block
fa-regular-400.woff2
www.controlpayadvanced.com/AppResource/scss/custom/third-party/fontawesome-free-5.5.0-web/webfonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/AppResource/scss/custom/third-party/fontawesome-free-5.5.0-web/webfonts/fa-regular-400.woff2
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Origin
https://www.controlpayadvanced.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 05:41:23 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 14:02:44 GMT
server
x-cdn
Imperva
etag
"01a4e3712a5d91:0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-iinfo
12-1135786-1135802 PNNN RT(1720503681743 1772) q(0 0 0 -1) r(1 1) U2
cache-control
no-cache
accept-ranges
bytes
content-length
14844
x-xss-protection
1; mode=block
OpenSans-Bold.woff2
www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Bold/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/AppResource/scss/custom/open-sans/fonts/Bold/OpenSans-Bold.woff2?v=1.1.0
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/AppResource/BrandedDynamicBootstrap.ashx?d=0&version=3CBD9362D94D4F7283465C626F70A62D%7c0%7c6
Origin
https://www.controlpayadvanced.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 05:41:24 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 14:02:42 GMT
server
x-cdn
Imperva
etag
"0ed1c3612a5d91:0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-iinfo
12-1135786-1135808 PNNN RT(1720503681743 1774) q(0 0 0 -1) r(1 1) U2
cache-control
no-cache
accept-ranges
bytes
content-length
46676
x-xss-protection
1; mode=block
_Incapsula_Resource
www.controlpayadvanced.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.controlpayadvanced.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4512558782588658
Requested by
Host: www.controlpayadvanced.com
URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
FavIcon.ashx
www.controlpayadvanced.com/appResource/graphic/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.controlpayadvanced.com/appResource/graphic/FavIcon.ashx?version=3CBD9362D94D4F7283465C626F70A62D|0|6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.47.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
110c2ea038de7e30e90e62c8877803fd7b6a7c3997f4419a71f17d9086cebce7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 09 Jul 2024 05:41:24 GMT
server
date
Tue, 09 Jul 2024 05:41:24 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-1135786-1135806 PNNN RT(1720503681743 2391) q(0 0 0 -1) r(1 1) U18
cache-control
public, max-age=900
content-length
4565
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 05:56:24 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| moment function| Class function| AddFileSelectEvent object| ResponsiveBootstrapToolkit function| _typeof boolean| windowIsDefined function| Popper object| bootstrap function| Slider object| SystemFramework object| EncompassBootstrap string| app_path string| id_prefix function| get_id string| encompassApiRootUrl string| tabHeaderTextInvalidCss string| verticalTabHeaderButtonInvalidCss string| tabHeaderTextWarningCss string| lang object| Strings function| P object| msal object| DisplayBug object| TfsAutoFilerUI object| TfsIntegrationAPI object| TestRailAPI object| miniDom function| CheckAllDataGridCheckBoxes function| ToggleCheckboxes function| ToggleTMCheckboxes function| SelectNewQuestion function| ResetDDLData function| findAndRemove function| html2canvas object| SearchBuilder object| SearchDisplay object| SearchAsync function| floatMe function| stickyScrollBar function| sizeFakeScrollbar function| toggleFakeScrollbar object| Sticky object| Modal object| ModalHelper object| IFrameBridge object| IFrameModal function| ToggleSlider function| validationAttributeModified function| changeCollapseText function| removeOptionalTagForLegend function| toggleSideNav function| stripDashesAndWhiteSpaceOnPaste function| windowBottom function| isNullOrWhitespace function| setOFACValidatorsFromRBL function| displaySelectedDateRanges function| passwordComplexity function| evaluatePasswordComplexity function| showSuccessOrFail function| addRemoveClass function| actionLinkMove function| changeRowColor function| RegisterVerticalValidation function| observerValidators function| validatorAttributeModified function| evaluateAccordionValidation function| evaluateTabValidation function| scrollToAccordionPanel function| RegisterExpandCollapseAll function| performExpandCollapseAll function| evaluateExpandCollapseAll function| forceFocus function| readChange function| formatCurrency function| countDecimals function| initializeCurrencyFormatter object| HierarchyExplorer object| EncompassChart object| EncompassWYSIWYGFactory function| CheckboxManager object| EnabledStateManagerEvents function| EnabledStateManager function| RadioButtonEnabledStateManager function| Color function| Chart object| EncompassSessionInfo function| DebugForceShow function| evaluateCountdown function| resetWarningModal function| stopEvaluationTimer function| startEvaluationTimer function| stopWarningTimer function| startWarningTimer function| stopSessionExpireTimer function| startSessionExpireTimer function| restoreTitle function| blinkTitle function| refresh function| showWarning function| sessionExpire function| formatTime function| getCookie object| hljs object| $jscomp object| EncompassTable object| EncompassTable_FinancialCodes function| BootstrapTable function| saveAs object| FileSaver object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| WebForm_OnSubmit function| EndRequestHandler function| showHidePassword object| Page_ValidationSummaries object| Page_Validators object| ctl00_ValidationSummary object| ctl00_contents_ctl01 object| ctl00_contents_ctl03 object| ctl00_contents_ctl05 boolean| Page_ValidationActive function| ValidatorOnSubmit

4 Cookies

Domain/Path Name / Value
.controlpayadvanced.com/ Name: visid_incap_1819748
Value: kJg6nYTmTOuTMuM6t8yj74HNjGYAAAAAQUIPAAAAAAC/0lsw8XTCP1GQF88e+Xy+
.controlpayadvanced.com/ Name: incap_ses_1106_1819748
Value: SwOSTuLE5SKk5WwqO01ZD4LNjGYAAAAA7s21hFl0P/4aURkQlRIVPg==
www.controlpayadvanced.com/ Name: ASP.NET_SessionId
Value: 4gtahechjptghangoyi14yvh
.controlpayadvanced.com/ Name: login
Value: username=&orgGroupLoginId=

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.controlpayadvanced.com/welcome.aspx?ReturnUrl=%2f
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://dev.azure.com https://login.microsoftonline.com/ https://spsprodcus2.vssps.visualstudio.com https://www.datadoghq-browser-agent.com http://www.datadoghq-browser-agent.com https://rum.browser-intake-datadoghq.com http://rum.browser-intake-datadoghq.com https://prefund-reporting.PROD.encompass-suite.com https://prefund-reporting-api.PROD.encompass-suite.com https://owi-internal.internal-PROD.wexcp.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4558985839575040.storage.googleapis.com data.pendo.io; worker-src 'self' blob http://www.google-analytics.com https://www.google-analytics.com http://cdn.appdynamics.com https://cdn.appdynamics.com http://col.eum-appdynamics.com https://col.eum-appdynamics.com https://tfs.encompass.ninja https://www.youtube.com; frame-ancestors 'self' app.pendo.io; child-src app.pendo.io; frame-src 'self' app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.controlpayadvanced.com
45.60.47.96
08826ba9867c95cf8d996e5bdf224cbbcafaed8f42f025fb9aa94eb3f497eb81
10274213b3162f12ce90cedc6326abbe4f945f6269aac169b4bd325f7d809e43
110c2ea038de7e30e90e62c8877803fd7b6a7c3997f4419a71f17d9086cebce7
16fa4a8e16131e4ea2a5842227449676caf4c2b3f262beef8c15ab00299ed868
1b7151492e0c2a8edb73aebb87803f6835553bc3afdcf2bc0882eb164cc248d8
24e5e6594951eb225f7c1ebad96ac58ee9007d1aee92c857e7bd9138fcf2e531
25ee685065936972de22ec9dff0d964951825d406c7ec8b3b48ff62daafd51d7
2be4ba82d96a5fa566af17cdbdfd5323fb39b7197e1659d9a722ad6054952143
36ba7ed946e88705843b0fa40e27eafe1c936aa0fcf2aa2911c5adbb99fa3b52
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4d1a2464c946c25ecdecc7370e453f2b8e725d2959390e71547f38579ddf6085
4e7e26b40e222500c12e54649bccc85d65b0abf7e63b9922029babd406f27ce0
563c687ec494f079eb55b6ce4eea4f80fe1266198972cf7f4f91f15577512b40
5893d5201dd33d0feb95bcd6284f840377162f38ae91bd29c3378d80cc390b1f
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6c09acc3d5ae9526ab9aaeb5e8645c42522b62fc5b62f9d64265a80166ed0970
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
a2683d9bb4b2aecedaa8e6b2a8cbc9baa2f47eb3be1c181c269e77a1fe4d4923
a344193bb5b0eb8a2cf992d64f82765783cead2cd10ed47e31f641794303edce
a67598b40f34ce04a3f69faa0bafbf6dbd9fc9adf5a465f4300f7b31e61ceb20
b23e6fd9836320f1c3969b7f42c87444bbd71d9c863b7ddd16620e2e6783f93b
bdcec7fd885b502703ca91623dedfc505c74b082577706524578e1946ac03a2e
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
d40428230b12a8cffe7d05336b678efeec81a636c25d79d9e6465064bd19a93d
d82e216bc7d95f84cc45926c72ae1f1758555c7ca72288267fc8daedcc5714ae
da0c5d15b2d2e951c676864e8e46bd567d29a7381a14c272ea265031efd70112
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e6322b38363de159dd61932e62c31e295c628c6a34b752cb66131ba9e32227
ea9c8e1ea0a84e4471bc59e9e6d403a318be4166ed317eb26b101a0d9f8d4672
ebf546b33be20e99934a4fbc60c20e70500bb3fc8a5122cd7dbf027041a396af
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f227dc13663ea5d3d2ed0985d76e1eb99abac55174f132742d8458bfff1c32cc
f641d61f4c0f75054f8fbb083f6468d4c02a6f95c96b5cc2647e17c296760b7d