Submitted URL: https://demo.xloc.com/
Effective URL: https://demo.xloc.com/DesktopDefault.aspx
Submission Tags: falconsandbox
Submission: On June 23 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 64.239.255.108, located in Fort Mill, United States and belongs to ASN-VINS, US. The main domain is demo.xloc.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on June 5th 2023. Valid for: a year.
This is the only time demo.xloc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 20 64.239.255.108 13649 (ASN-VINS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 3
Apex Domain
Subdomains
Transfer
20 xloc.com
demo.xloc.com
1 MB
2 gstatic.com
fonts.gstatic.com
97 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
1 KB
20 3
Domain Requested by
20 demo.xloc.com 3 redirects demo.xloc.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com demo.xloc.com
20 3

This site contains no links.

Subject Issuer Validity Valid
kwstokyo.xloc.com
DigiCert EV RSA CA G2
2023-06-05 -
2024-06-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-29 -
2023-08-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-29 -
2023-08-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://demo.xloc.com/DesktopDefault.aspx
Frame ID: B4DCED36318F840DE1CA897EFCADC7B8
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

XLOC Localizations

Page URL History Show full URLs

  1. https://demo.xloc.com/ HTTP 302
    https://demo.xloc.com/DesktopDefault.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

20
Requests

95 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1547 kB
Transfer

3380 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://demo.xloc.com/ HTTP 302
    https://demo.xloc.com/DesktopDefault.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://demo.xloc.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3ade-DE%3a9ddf364d-d65d-4f01-a69e-8b015049e026%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2022.1.119.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3ade-DE%3af00be9f9-5d75-4a4b-891e-b5c0e5b2a8e2%3a16e4e7cd%3aed16cbdc%3af7645509%3a88144a7a HTTP 302
  • https://demo.xloc.com/login.aspx?ReturnUrl=%2fTelerik.Web.UI.WebResource.axd%3f_TSM_HiddenField_%3dRadScriptManager1_TSM%26compress%3d1%26_TSM_CombinedScripts_%3d%253b%253bSystem.Web.Extensions%252c%2bVersion%253d4.0.0.0%252c%2bCulture%253dneutral%252c%2bPublicKeyToken%253d31bf3856ad364e35%253ade-DE%253a9ddf364d-d65d-4f01-a69e-8b015049e026%253aea597d4b%253ab25378d2%253bTelerik.Web.UI%252c%2bVersion%253d2022.1.119.45%252c%2bCulture%253dneutral%252c%2bPublicKeyToken%253d121fae78165ba3d4%253ade-DE%253af00be9f9-5d75-4a4b-891e-b5c0e5b2a8e2%253a16e4e7cd%253aed16cbdc%253af7645509%253a88144a7a&_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3ade-DE%3a9ddf364d-d65d-4f01-a69e-8b015049e026%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2022.1.119.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3ade-DE%3af00be9f9-5d75-4a4b-891e-b5c0e5b2a8e2%3a16e4e7cd%3aed16cbdc%3af7645509%3a88144a7a HTTP 302
  • https://demo.xloc.com/DesktopDefault.aspx?aspxerrorpath=/login.aspx

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DesktopDefault.aspx
demo.xloc.com/
Redirect Chain
  • https://demo.xloc.com/
  • https://demo.xloc.com/DesktopDefault.aspx
17 KB
7 KB
Document
General
Full URL
https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
12d78e82d1b92176c778e6caa6297348a89bd228bfcd07f7d271fee8499a9f75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Length
6628
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Jun 2023 02:24:56 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Jun 2023 02:24:56 GMT
Location
https://demo.xloc.com/DesktopDefault.aspx
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
app.css
demo.xloc.com/dist/assets/css/
803 KB
263 KB
Stylesheet
General
Full URL
https://demo.xloc.com/dist/assets/css/app.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8fb31a8833c58ba32730a3e0afcf471bd542932a6f4903b1574deeb455866c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:51:18 GMT
Server
Microsoft-IIS/8.5
ETag
"0671ca46c64d81:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
FireFoxHack.css
demo.xloc.com/dist/assets/css/
194 B
542 B
Stylesheet
General
Full URL
https://demo.xloc.com/dist/assets/css/FireFoxHack.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
20ccf527259b1caae9bcefb8a96fee2cc1dab445e1c62ad99dcea342b58dc7d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Apr 2022 17:26:26 GMT
Server
Microsoft-IIS/8.5
ETag
"04d1470924ed81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
250
fontello.css
demo.xloc.com/dist/assets/fonts/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://demo.xloc.com/dist/assets/fonts/css/fontello.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cf57a4a62e2af566a19f886ed14246522dfeb425288e27834aad01cabeb092ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1210
sweetalert2.min.css
demo.xloc.com/common/CSS/
14 KB
4 KB
Stylesheet
General
Full URL
https://demo.xloc.com/common/CSS/sweetalert2.min.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7450b0ba109fa1ea0178cb9588dee185b644656eed6a4013a34b90f12cd9488f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3526
app.js
demo.xloc.com/dist/assets/js/
2 MB
786 KB
Script
General
Full URL
https://demo.xloc.com/dist/assets/js/app.js
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
713369f9ad09b7c76117818f449d78c1467a138b4aaca87a92e42b9eef670d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Apr 2022 17:26:26 GMT
Server
Microsoft-IIS/8.5
ETag
"04d1470924ed81:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Utilities.js
demo.xloc.com/common/javascript/
2 KB
1 KB
Script
General
Full URL
https://demo.xloc.com/common/javascript/Utilities.js
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
db89aa849f0d02d58a4ecce9dc58f1725fad859610c822ef58a2b371fb0f7ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1218
sweetalert2.min.js
demo.xloc.com/common/javascript/
24 KB
10 KB
Script
General
Full URL
https://demo.xloc.com/common/javascript/sweetalert2.min.js
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1986a103ef4a4b4144d9d3fec448c22131402ab0552f0edf50404d93846d4f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
9684
bluebird.js
demo.xloc.com/common/javascript/
88 KB
32 KB
Script
General
Full URL
https://demo.xloc.com/common/javascript/bluebird.js
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3d99dc895f91c0af57d6e2cf553ba9e3133447bd6cdf4d9916c79d00039814d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32006
blue.css
demo.xloc.com/themes/
35 KB
9 KB
Stylesheet
General
Full URL
https://demo.xloc.com/themes/blue.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1d147e36467e404f862a6172919cc872e2784f7a64969fca4481653cb9204d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:51:18 GMT
Server
Microsoft-IIS/8.5
ETag
"0671ca46c64d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8645
WebResource.axd
demo.xloc.com/
811 B
744 B
Stylesheet
General
Full URL
https://demo.xloc.com/WebResource.axd?d=KjLXyQVbaJ_AEFsSDFeU4eriPhAiihjJPeD3ER9wtlUgs8BF0Uz2Q8U4uW5v_Nq6MVGrJEGY2eJOA-gARfj6PuIIMRh-vm0xEr4OIy5PlvDkDE647scd_zkOVbqIp1EURR7Kb1UiCHoTXybJ-ZPctA2&t=637877694780000000
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ae3c3ee0298361f0f13b06292dae856595ef18587bf238c51a7040b9b616ddd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:51:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Content-Length
408
Expires
Sat, 22 Jun 2024 02:13:32 GMT
WebResource.axd
demo.xloc.com/
377 B
804 B
Stylesheet
General
Full URL
https://demo.xloc.com/WebResource.axd?d=D8zN1rBj-nq7tBdmBG7yA_mJZjeTtreU6ia8zP4KGQIQZZZV7G4lXkIygU0jGyW2DKFogKlFznp-FiDyob1UESuLCBfwbA0Rh1OKkRAfr0UzHqpeThw-ms3jNdysoMB1QGLJdDzLYpmKS-qUDCM6rBydNFAXDXO6VUKbu7tb5eG5KmSnTUobiL4Qk4saqyrC0&t=637877694780000000
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7651e1dc2ab00c89ff92d90bf03fc5fcb381cdd52db8f5f9dd29c5d8490d683d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:51:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Content-Length
468
Expires
Sat, 22 Jun 2024 02:13:32 GMT
WebResource.axd
demo.xloc.com/
23 KB
6 KB
Script
General
Full URL
https://demo.xloc.com/WebResource.axd?d=O8hNHLAP-xnSuot5AdNqd2MuhecjB07o0rQNnhI8lT1753XuDCSQ8_GtN71PUCyw809h50WcRT3gzRYN7Crvymc5Zap6e5RR2YUK2mnmmAE1&t=637814473746327080
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Sat, 22 Jun 2024 02:13:32 GMT
DesktopDefault.aspx
demo.xloc.com/
Redirect Chain
  • https://demo.xloc.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2...
  • https://demo.xloc.com/login.aspx?ReturnUrl=%2fTelerik.Web.UI.WebResource.axd%3f_TSM_HiddenField_%3dRadScriptManager1_TSM%26compress%3d1%26_TSM_CombinedScripts_%3d%253b%253bSystem.Web.Extensions%252...
  • https://demo.xloc.com/DesktopDefault.aspx?aspxerrorpath=/login.aspx
17 KB
7 KB
Script
General
Full URL
https://demo.xloc.com/DesktopDefault.aspx?aspxerrorpath=/login.aspx
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/DesktopDefault.aspx
Protocol
HTTP/1.1
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0fb020a10e02c0d5298e2f262fd32b6f1f1790f0386bda82a8c0ce09dfc04c3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/DesktopDefault.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Jun 2023 02:24:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Content-Length
6644
Expires
-1

Redirect headers

Location
https://demo.xloc.com/DesktopDefault.aspx?aspxerrorpath=/login.aspx
Date
Fri, 23 Jun 2023 02:24:56 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
184
Content-Type
text/html; charset=utf-8
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/dist/assets/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Jun 2023 02:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 01:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Jun 2023 02:25:18 GMT
main-background.jpg
demo.xloc.com/images/
304 KB
304 KB
Image
General
Full URL
https://demo.xloc.com/images/main-background.jpg
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/dist/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a348732acd8b2244f92860fe3914203bdf17aad135033c2708ae42b53e06d1f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/dist/assets/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:58 GMT
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
311248
app.css
demo.xloc.com/dist/assets/css/
11 KB
11 KB
Image
General
Full URL
https://demo.xloc.com/dist/assets/css/app.css
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/dist/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.xloc.com/dist/assets/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:51:18 GMT
Server
Microsoft-IIS/8.5
ETag
"0671ca46c64d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
177876
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo.xloc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 05:45:28 GMT
x-content-type-options
nosniff
age
506391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 05:45:28 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/
49 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo.xloc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 19:05:20 GMT
x-content-type-options
nosniff
age
544799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 19:05:20 GMT
fontello.woff2
demo.xloc.com/dist/assets/fonts/font/
5 KB
5 KB
Font
General
Full URL
https://demo.xloc.com/dist/assets/fonts/font/fontello.woff2?50481288
Requested by
Host: demo.xloc.com
URL: https://demo.xloc.com/dist/assets/fonts/css/fontello.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.239.255.108 Fort Mill, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c6377a3661bfff3da0d4f012e517ac9fb432a31e08ce3c06328635bc5963e99a

Request headers

Referer
https://demo.xloc.com/dist/assets/fonts/css/fontello.css
Origin
https://demo.xloc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 23 Jun 2023 02:24:58 GMT
Last-Modified
Mon, 04 Apr 2022 15:45:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0364f43b48d81:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Accept-Ranges
bytes
Content-Length
4712

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| _typeof function| initMargins function| _createClass function| _classCallCheck function| is_touch_device function| init_mobile_header_menus function| hide_element_if_child_not_exist function| init_actions function| show_search_tables function| sweetAlertConfirm function| sweetAlertConfirmADV function| extend function| $ function| jQuery object| whatInput object| Foundation function| legacyAlert function| checkKeyforCharacters function| newAlert function| doCheckAll function| OpenInstructions function| Sweetalert2 function| swal function| sweetAlert function| P object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ToggleSidebar function| ShowLoadPanel function| HideLoadPanel function| handleEnter

1 Cookies

Domain/Path Name / Value
demo.xloc.com/ Name: ASP.NET_SessionId
Value: s2ihfgnkunwrabcs1vjfvwhi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demo.xloc.com
fonts.googleapis.com
fonts.gstatic.com
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
64.239.255.108
0fb020a10e02c0d5298e2f262fd32b6f1f1790f0386bda82a8c0ce09dfc04c3c
12d78e82d1b92176c778e6caa6297348a89bd228bfcd07f7d271fee8499a9f75
1986a103ef4a4b4144d9d3fec448c22131402ab0552f0edf50404d93846d4f8a
1d147e36467e404f862a6172919cc872e2784f7a64969fca4481653cb9204d0d
20ccf527259b1caae9bcefb8a96fee2cc1dab445e1c62ad99dcea342b58dc7d1
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
3d99dc895f91c0af57d6e2cf553ba9e3133447bd6cdf4d9916c79d00039814d0
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
713369f9ad09b7c76117818f449d78c1467a138b4aaca87a92e42b9eef670d32
7450b0ba109fa1ea0178cb9588dee185b644656eed6a4013a34b90f12cd9488f
7651e1dc2ab00c89ff92d90bf03fc5fcb381cdd52db8f5f9dd29c5d8490d683d
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8fb31a8833c58ba32730a3e0afcf471bd542932a6f4903b1574deeb455866c94
a348732acd8b2244f92860fe3914203bdf17aad135033c2708ae42b53e06d1f6
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
ae3c3ee0298361f0f13b06292dae856595ef18587bf238c51a7040b9b616ddd3
c6377a3661bfff3da0d4f012e517ac9fb432a31e08ce3c06328635bc5963e99a
cf57a4a62e2af566a19f886ed14246522dfeb425288e27834aad01cabeb092ba
db89aa849f0d02d58a4ecce9dc58f1725fad859610c822ef58a2b371fb0f7ea5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855