admin.xpedigital.com Open in urlscan Pro
52.86.211.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://admin.xpedigital.com/
Effective URL:
https://admin.xpedigital.com/login
Submission: On October 24 via api (October 24th 2024, 4:15:29 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 52.86.211.5, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.xpedigital.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 14th 2024. Valid for: a year.

This is the only time admin.xpedigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	52.86.211.5 52.86.211.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:219... 2600:9000:2191:ee00:a:e050:4f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
1	13.32.208.83 13.32.208.83	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::5e	15169 (GOOGLE) (GOOGLE)
1	18.165.101.138 18.165.101.138	16509 (AMAZON-02) (AMAZON-02)
17	6

13 52.86.211.5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-211-5.compute-1.amazonaws.com

admin.xpedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2191:ee00:a:e050:4f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

pluginserver.buildfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.208.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-83.iad66.r.cloudfront.net

apmyztgbko.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.101.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-101-138.iad55.r.cloudfront.net

cloudfront.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	xpedigital.com 1 redirects admin.xpedigital.com	119 KB
1	loggly.com cloudfront.loggly.com	2 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	cloudimg.io apmyztgbko.cloudimg.io	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	939 B
1	buildfire.com pluginserver.buildfire.com — Cisco Umbrella Rank: 678154	2 KB
17	6

	Domain	Requested by
13	admin.xpedigital.com	1 redirects admin.xpedigital.com
1	cloudfront.loggly.com	pluginserver.buildfire.com
1	fonts.gstatic.com	fonts.googleapis.com
1	apmyztgbko.cloudimg.io	admin.xpedigital.com
1	fonts.googleapis.com	admin.xpedigital.com
1	pluginserver.buildfire.com	admin.xpedigital.com
17	6

This site contains no links.

Subject Issuer	Validity	Valid
admin.xpedigital.com ZeroSSL RSA Domain Secure Site CA	`2024-08-14` - `2025-08-14`	a year	crt.sh
*.buildfire.com Amazon RSA 2048 M02	`2024-06-17` - `2025-07-16`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.cloudimg.io GeoTrust TLS RSA CA G1	`2024-05-13` - `2025-06-01`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.loggly.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin.xpedigital.com/login
Frame ID: B389BBF7515C2B5C02F57E675AC48DCE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://admin.xpedigital.com/ HTTP 302
https://admin.xpedigital.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

161 kB
Transfer

459 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://admin.xpedigital.com/ HTTP 302
https://admin.xpedigital.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
admin.xpedigital.com/
Redirect Chain

https://admin.xpedigital.com/
https://admin.xpedigital.com/login

7 KB
3 KB

70ms
31ms

Document
text/html

52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

abc39f8419d3a836c0b14745a605b5d680d696f80075cbd2af45a73be2bc9e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Oct 2024 16:15:20 GMT
ETag: W/"1d09-m8Zlau0lEUlIw/TcOH7naeONadE"
Permissions-Policy: geolocation=*
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin: *
Connection: close
Content-Length: 56
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Oct 2024 16:15:20 GMT
Location: /login
Permissions-Policy: geolocation=*
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; preload
Vary: Accept, Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK bootstrap.css
admin.xpedigital.com/styles/ 183 KB
26 KB 90ms
50ms Stylesheet
text/css 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/styles/bootstrap.css

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

791ded0a6b2c9d76a8e1fa84538df96cd43a661e8d5ab6f5e03204ae04417b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"2dd7f-1922571685e"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: text/css; charset=UTF-8
Last-Modified: Tue, 24 Sep 2024 19:10:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK ladda-themeless.min.css
admin.xpedigital.com/styles/ 8 KB
2 KB 73ms
30ms Stylesheet
text/css 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/styles/ladda-themeless.min.css

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

b944955465f9957f014436e7071f6a264827e665dfd7d8f474dd419d6ad6f49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"2157-18fcabda67b"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: text/css; charset=UTF-8
Last-Modified: Thu, 30 May 2024 18:22:57 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK helper.css
admin.xpedigital.com/styles/ 35 KB
8 KB 78ms
34ms Stylesheet
text/css 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/styles/helper.css

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

01b29136ee39b0fee0560bf1fc8bc8e0a30a38fcbd08ce7c4b3cb084530f4776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"8d29-18f54066620"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: text/css; charset=UTF-8
Last-Modified: Tue, 07 May 2024 17:07:36 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK angular.min.js Show response
admin.xpedigital.com/scripts/lib/ 146 KB
53 KB 96ms
53ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/scripts/lib/angular.min.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"249fe-17be8e90f80"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK spin.min.js Show response
admin.xpedigital.com/scripts/lib/ 4 KB
3 KB 370ms
327ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/scripts/lib/spin.min.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"101b-17be8e90f90"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK ladda.min.js Show response
admin.xpedigital.com/scripts/lib/ 4 KB
2 KB 72ms
29ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/scripts/lib/ladda.min.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

24cb05ccff63bafc2a18ba4fdb70b92bda051a3cb0dc223fe50aa185500ef971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"ea9-17be8e90f90"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK angular-ladda.min.js Show response
admin.xpedigital.com/scripts/lib/ 1 KB
1 KB 138ms
33ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/scripts/lib/angular-ladda.min.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

6417048f3626187db3a90588f58ee438e19f2f1c952ca8828487021f6301c608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"430-17be8e90f78"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK whitelabelCtrl.js Show response
admin.xpedigital.com/pages/whitelabel/ 1 KB
1 KB 135ms
29ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/pages/whitelabel/whitelabelCtrl.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

d0fb99f65fa7272b85da7b1957e6130ea2cb85998c89f1a6db8c12d968946828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"494-19273042e2c"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 09 Oct 2024 20:41:46 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK authManager.js Show response
admin.xpedigital.com/scripts/framework/ 4 KB
2 KB 141ms
33ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/scripts/framework/authManager.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

27d71224955f9dc3142cdcb4226669ceab78d6df7af6d26ee2d241522772171b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"1153-17be8e90f70"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK loginCtrl.js Show response
admin.xpedigital.com/pages/userAccount/ 2 KB
1 KB 162ms
22ms Script
application/javascript 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/pages/userAccount/loginCtrl.js

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

65a518f190bd7956157c18a66c2def76436ce083940f5cd172aca61c8bcc71aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Content-Encoding: gzip
ETag: W/"924-17be8e91034"
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 16:15:20 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
Connection: close
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H2 200 logger-client.min.js Show response
pluginserver.buildfire.com/logger/ 3 KB
2 KB 381ms
17ms Script
application/javascript 2600:9000:2191:ee00:a:e050:4f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pluginserver.buildfire.com/logger/logger-client.min.js
Requested by: Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ee00:a:e050:4f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b03271e0c9de10e8b5ba08c313be6a6f43174e76c0f599de24d0c6945615d41e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/

Response headers

x-amz-cf-pop: IAD89-C1
cache-control: max-age=0
content-encoding: gzip
etag: W/"41ec334ffc857a15a496b65699d2e89c"
age: 4395
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: lW9Hv4trl29leVQj7mPP1xAMRa77WIKnZjU1tjc6ST39Hw_EgBuefQ==
date: Thu, 24 Oct 2024 15:10:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: AmazonS3
last-modified: Wed, 08 Nov 2023 19:13:55 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 2 KB
939 B 80ms
29ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,400

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/styles/bootstrap.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c725768cd9a6bd47d4d4586057eb3d4b71fda6a1b04576dddf706b9826fd3ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 16:15:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 16:15:20 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 24 Oct 2024 16:15:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 xpedigital-logo.png
apmyztgbko.cloudimg.io/v7/https://s3-us-west-2.amazonaws.com/imageserver.prod/616fe7c6-21be-11ef-a97f-12565309935d/ 5 KB
6 KB 2085ms
1810ms Image
image/webp 13.32.208.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apmyztgbko.cloudimg.io/v7/https://s3-us-west-2.amazonaws.com/imageserver.prod/616fe7c6-21be-11ef-a97f-12565309935d/xpedigital-logo.png?func=bound&width=300

Requested by

Host: admin.xpedigital.com
URL: https://admin.xpedigital.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.208.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-208-83.iad66.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

305e549e07487d42f5c7db52707d5c112f3f1d2592b7d5112f231b21debb7e95

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/

Response headers

x-hexa-originusedcode: 200
etag: "2371229377"
x-hexa-initwait: first_req, no_wait
x-hexa-flowtrace: A1R_w2_s1(webp)_w2_s2(png)_e(17)R_e(2)R
access-control-allow-methods: POST, GET, OPTIONS
x-origin-visibility: OV_NORMAL_FILE
x-resource-status: downloaded
x-cache: Miss from cloudfront
x-amz-cf-id: vdHeDeL9EnHPJG-ZjZGMEfxMqbgG9qINeyiXgsWTNCfI2r2EJn5xmw==
date: Thu, 24 Oct 2024 16:15:22 GMT
content-type: image/webp
vary: Accept-Encoding,Accept
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
cache-control: max-age=86400, s-maxage=31536000, public
timing-allow-origin: *
via: 1.1 52ad9d3d5f0aff7e88fa3d0fe9458014.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 5492
x-xss-protection: 1
x-amz-cf-pop: IAD66-C1
x-cloudimg-traceid: C060_241024161520_a31ce_aaWd#330y
server: Scaleflex HTTP Loadbalancer

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
32 KB 236ms
51ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://admin.xpedigital.com
Referer: https://fonts.googleapis.com/

Response headers

age: 147228
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 23:21:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 23:21:32 GMT
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32796
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK loggly.tracker-2.2.4.min.js Show response
cloudfront.loggly.com/js/ 2 KB
2 KB 238ms
15ms Script
application/javascript 18.165.101.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.loggly.com/js/loggly.tracker-2.2.4.min.js
Requested by: Host: pluginserver.buildfire.com
URL: https://pluginserver.buildfire.com/logger/logger-client.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.101.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-101-138.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3015c007bbb1a61e4345b214d17980c066c4d8b5334dc41d06db490534634758

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"b471738fe2090543611c9c980eb60bc0"
Age: 72540
Connection: keep-alive
Via: 1.1 ef066a0102f66b719933dbbef3bc5968.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: nRfTaQ4DZW59yTZvMI53RZ7UwuaDZ5m8nkWI_iBPjtubuklvFoWpXg==
Date: Wed, 23 Oct 2024 20:06:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 18 Mar 2021 06:58:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD55-P4
Vary: Accept-Encoding

GET
H/1.1 200
OK favicon-32x32.png
admin.xpedigital.com/images/ 17 KB
18 KB 74ms
38ms Other
image/png 52.86.211.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.xpedigital.com/images/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.86.211.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-211-5.compute-1.amazonaws.com

Software

Resource Hash

0251475496daff3e0d7ca6503ac45e2e4c1098c3cea9130206f615fbda1d407e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://admin.xpedigital.com/login

Response headers

Strict-Transport-Security: max-age=31536000; preload
Cache-Control: public, max-age=0
ETag: W/"45e0-17be8e90f60"
Connection: close
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=*
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 17888
Date: Thu, 24 Oct 2024 16:15:22 GMT
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 10:03:13 GMT
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			admin.xpedigital.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 5d92b0c1-c9d8-4362-b8ad-ee2e3579912a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://admin.xpedigital.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.xpedigital.com
apmyztgbko.cloudimg.io
cloudfront.loggly.com
fonts.googleapis.com
fonts.gstatic.com
pluginserver.buildfire.com
13.32.208.83
18.165.101.138
2600:9000:2191:ee00:a:e050:4f80:93a1
2607:f8b0:4004:c19::5f
2607:f8b0:400d:c0b::5e
52.86.211.5
01b29136ee39b0fee0560bf1fc8bc8e0a30a38fcbd08ce7c4b3cb084530f4776
0251475496daff3e0d7ca6503ac45e2e4c1098c3cea9130206f615fbda1d407e
24cb05ccff63bafc2a18ba4fdb70b92bda051a3cb0dc223fe50aa185500ef971
27d71224955f9dc3142cdcb4226669ceab78d6df7af6d26ee2d241522772171b
3015c007bbb1a61e4345b214d17980c066c4d8b5334dc41d06db490534634758
305e549e07487d42f5c7db52707d5c112f3f1d2592b7d5112f231b21debb7e95
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
6417048f3626187db3a90588f58ee438e19f2f1c952ca8828487021f6301c608
65a518f190bd7956157c18a66c2def76436ce083940f5cd172aca61c8bcc71aa
791ded0a6b2c9d76a8e1fa84538df96cd43a661e8d5ab6f5e03204ae04417b0e
abc39f8419d3a836c0b14745a605b5d680d696f80075cbd2af45a73be2bc9e7e
b03271e0c9de10e8b5ba08c313be6a6f43174e76c0f599de24d0c6945615d41e
b944955465f9957f014436e7071f6a264827e665dfd7d8f474dd419d6ad6f49b
c725768cd9a6bd47d4d4586057eb3d4b71fda6a1b04576dddf706b9826fd3ee1
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
d0fb99f65fa7272b85da7b1957e6130ea2cb85998c89f1a6db8c12d968946828
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

admin.xpedigital.com Open in urlscan Pro 52.86.211.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

161 kBTransfer

459 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

admin.xpedigital.com Open in urlscan Pro
52.86.211.5 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

161 kB
Transfer

459 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions