urlscan.io logo urlscan.io
SecurityTrails logo

45797a79-53ee4413.xenox.cfd Open in urlscan Pro
20.203.171.106  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbk...
Effective URL: https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogi...
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 20.203.171.106, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 45797a79-53ee4413.xenox.cfd.
TLS certificate: Issued by R3 on March 21st 2023. Valid for: 3 months.
This is the only time 45797a79-53ee4413.xenox.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:280... 20940 (AKAMAI-ASN1)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 6 20.203.171.106 8075 (MICROSOFT...)
15 4
1    2a02:26f0:280:196::23ed (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.naukrigulf.com
5    2606:4700::6812:672 (United States)

ASN13335 (CLOUDFLARENET, US)
ugbdwl.codesandbox.io
codesandbox.io
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
6    20.203.171.106 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lmo.xenox.cfd
45797a79-53ee4413.xenox.cfd
Apex Domain
Subdomains		 Transfer
6 xenox.cfd
lmo.xenox.cfd
45797a79-53ee4413.xenox.cfd
4f9b047b-53ee4413.xenox.cfd Failed
292 KB
5 codesandbox.io
ugbdwl.codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 73255
50 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 886
6 KB
1 naukrigulf.com
www.naukrigulf.com — Cisco Umbrella Rank: 428145
1 KB
15 4
Domain Requested by
4 lmo.xenox.cfd 1 redirects ugbdwl.codesandbox.io
lmo.xenox.cfd
4 codesandbox.io ugbdwl.codesandbox.io
codesandbox.io
2 45797a79-53ee4413.xenox.cfd 1 redirects lmo.xenox.cfd
45797a79-53ee4413.xenox.cfd
1 static.cloudflareinsights.com ugbdwl.codesandbox.io
1 ugbdwl.codesandbox.io
1 www.naukrigulf.com 1 redirects
0 4f9b047b-53ee4413.xenox.cfd Failed 45797a79-53ee4413.xenox.cfd
15 7

This site contains no links.

Subject Issuer Validity Valid
codesandbox.io
Cloudflare Inc ECC CA-3		 2023-03-19 -
2024-03-18		 a year crt.sh
*.nodebox.codesandbox.io
E1		 2023-03-08 -
2023-06-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
xenox.cfd
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Diuliana.ilea%2540fanduel.com%26client-request-id%3D28e4ce76-33e8-47d9-8dd0-edbf977cfc8f%26username%3Diuliana.ilea%2540fanduel.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATKzj3ReGF80733wtv902v-9K9iVCZshP4FRsYXjIyTmCQyS3MyE_MS9TJzUhMd0hLzUkpTc0AqbjEJ-hele6aEF7ulpqQWJZZk5uc9Ysap_AKLwCsWHgNmKw4OLgEGCQYFhh8sjItYge5LzzdeNb__l9sSK6k1_NwMDKdY9S2rLIpNXDy9w5wi04rM_RKrcsOyPQzcigqT8y1DTZLM_EMSA5IsUiwNHC1sLawMJ7AJTWBjOsXG8IGNsYOdYRY7wwFOxgO8DD_4Ds18MnXzqVNvPV7x6xRrJ3paBJR5J1lkO0WmJOsbp-b7h3qlVhmkJHqWGpqYhZiaJGkHVZZ6u0faAgA1
Frame ID: 890FB688266294B3EF0A122F0703E91A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2... HTTP 303
    https://ugbdwl.codesandbox.io/ Page URL
  2. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t Page URL
  3. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t Page URL
  4. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t&sso_reload=true HTTP 302
    https://45797a79-53ee4413.xenox.cfd/app/office365/exk2uj8t0ud7Nwvny5d6/sso/wsfed/passive?login_hint=iuliana.ilea... HTTP 302
    https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fws... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

15
Requests

67 %
HTTPS

75 %
IPv6

4
Domains

7
Subdomains

4
IPs

3
Countries

347 kB
Transfer

1074 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t HTTP 303
    https://ugbdwl.codesandbox.io/ Page URL
  2. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t Page URL
  3. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t Page URL
  4. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t&sso_reload=true HTTP 302
    https://45797a79-53ee4413.xenox.cfd/app/office365/exk2uj8t0ud7Nwvny5d6/sso/wsfed/passive?login_hint=iuliana.ilea%40fanduel.com&client-request-id=28e4ce76-33e8-47d9-8dd0-edbf977cfc8f&username=iuliana.ilea%40fanduel.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATKzj3ReGF80733wtv902v-9K9iVCZshP4FRsYXjIyTmCQyS3MyE_MS9TJzUhMd0hLzUkpTc0AqbjEJ-hele6aEF7ulpqQWJZZk5uc9Ysap_AKLwCsWHgNmKw4OLgEGCQYFhh8sjItYge5LzzdeNb__l9sSK6k1_NwMDKdY9S2rLIpNXDy9w5wi04rM_RKrcsOyPQzcigqT8y1DTZLM_EMSA5IsUiwNHC1sLawMJ7AJTWBjOsXG8IGNsYOdYRY7wwFOxgO8DD_4Ds18MnXzqVNvPV7x6xRrJ3paBJR5J1lkO0WmJOsbp-b7h3qlVhmkJHqWGpqYhZiaJGkHVZZ6u0faAgA1 HTTP 302
    https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Diuliana.ilea%2540fanduel.com%26client-request-id%3D28e4ce76-33e8-47d9-8dd0-edbf977cfc8f%26username%3Diuliana.ilea%2540fanduel.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATKzj3ReGF80733wtv902v-9K9iVCZshP4FRsYXjIyTmCQyS3MyE_MS9TJzUhMd0hLzUkpTc0AqbjEJ-hele6aEF7ulpqQWJZZk5uc9Ysap_AKLwCsWHgNmKw4OLgEGCQYFhh8sjItYge5LzzdeNb__l9sSK6k1_NwMDKdY9S2rLIpNXDy9w5wi04rM_RKrcsOyPQzcigqT8y1DTZLM_EMSA5IsUiwNHC1sLawMJ7AJTWBjOsXG8IGNsYOdYRY7wwFOxgO8DD_4Ds18MnXzqVNvPV7x6xRrJ3paBJR5J1lkO0WmJOsbp-b7h3qlVhmkJHqWGpqYhZiaJGkHVZZ6u0faAgA1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t HTTP 303
  • https://ugbdwl.codesandbox.io/

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ugbdwl.codesandbox.io/
Redirect Chain
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F...
  • https://ugbdwl.codesandbox.io/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c283396b56cb5a00a201dfcf747b0be0d20c3c2a1474ef4c112ff48ca60623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7ab948ad0b7d2c77-FRA
content-encoding
br
content-type
text/html
date
Tue, 21 Mar 2023 21:28:18 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-request-id
F06MajFx82WtVgcGGJ_k

Redirect headers

content-length
0
content-type
application/json
date
Tue, 21 Mar 2023 21:28:18 GMT
location
https://ugbdwl.codesandbox.io/#dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
server
nginx
strict-transport-security
: max-age=31536000
timestamp
1679434098
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-trace
2B66CF295DD07884E47FA2738B4C6C0FF7F5C39790000000000000000000
sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
codesandbox.io/public/sse-hooks/ 		172 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
6630965
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 13:00:47 GMT
server
cloudflare
etag
W/"62f7a07f-2aeb3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948adac3b2c77-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner.0b5d84a2b.js
codesandbox.io/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1317458
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Mar 2023 08:37:20 GMT
server
cloudflare
etag
W/"6405a640-f37"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948adac3f2c77-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
watermark-button.f4f9aed52.js
codesandbox.io/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ugbdwl.codesandbox.io/
Origin
https://ugbdwl.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
4964
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Mar 2023 15:56:05 GMT
server
cloudflare
etag
W/"6419d395-ae5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948adcef230f9-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ugbdwl.codesandbox.io/
Origin
https://ugbdwl.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7ab948ae1fcb9125-FRA
phishing
codesandbox.io/api/v1/sandboxes/ugbdwl/ 		33 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/api/v1/sandboxes/ugbdwl/phishing
Requested by
Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/vnd.github.v3+json; charset=utf-8
access-control-allow-origin
https://ugbdwl.codesandbox.io
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ab948adff2730f9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33
x-request-id
F06MajgoKbDDut0GhTHC
/
lmo.xenox.cfd/ 		350 KB
118 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6993c7947856b061aab31734e1e189bd2c2f2167d7b98a2aa21c746b83567ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ugbdwl.codesandbox.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:19 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
lmo.xenox.cfd/ 		196 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f1106067efbe9f294af3e193db9b28cf4603830e659d25170f3388857bee28a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Mar 2023 21:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
/
lmo.xenox.cfd/ 		508 KB
172 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:21 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://3ecabd71-53ee4413.xenox.cfd/api/report?catId=GW+estsfd+dub1"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.14939.4 - WEULR2 ProdSlices
x-ms-request-id
fccbc7a4-0e19-4ceb-9273-768769c70800
Primary Request login.htm
45797a79-53ee4413.xenox.cfd/login/
Redirect Chain
  • https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t&sso_reload=true
  • https://45797a79-53ee4413.xenox.cfd/app/office365/exk2uj8t0ud7Nwvny5d6/sso/wsfed/passive?login_hint=iuliana.ilea%40fanduel.com&client-request-id=28e4ce76-33e8-47d9-8dd0-edbf977cfc8f&username=iulian...
  • https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Diuliana.ilea%2540fanduel.com%26client-request-id%3D28e4c...
18 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Diuliana.ilea%2540fanduel.com%26client-request-id%3D28e4ce76-33e8-47d9-8dd0-edbf977cfc8f%26username%3Diuliana.ilea%2540fanduel.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATKzj3ReGF80733wtv902v-9K9iVCZshP4FRsYXjIyTmCQyS3MyE_MS9TJzUhMd0hLzUkpTc0AqbjEJ-hele6aEF7ulpqQWJZZk5uc9Ysap_AKLwCsWHgNmKw4OLgEGCQYFhh8sjItYge5LzzdeNb__l9sSK6k1_NwMDKdY9S2rLIpNXDy9w5wi04rM_RKrcsOyPQzcigqT8y1DTZLM_EMSA5IsUiwNHC1sLawMJ7AJTWBjOsXG8IGNsYOdYRY7wwFOxgO8DD_4Ds18MnXzqVNvPV7x6xRrJ3paBJR5J1lkO0WmJOsbp-b7h3qlVhmkJHqWGpqYhZiaJGkHVZZ6u0faAgA1
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aXVsaWFuYS5pbGVhQGZhbmR1ZWwuY29t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-language
de
content-type
text/html;charset=utf-8
date
Tue, 21 Mar 2023 21:28:26 GMT
p3p
CP="HONK"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-okta-request-id
ZBoherKQVjNdfjrqboYOcgAAACU
x-rate-limit-limit
1200
x-rate-limit-remaining
1192
x-rate-limit-reset
1679434155
x-robots-tag
noindex,nofollow
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:25 GMT
location
https://45797a79-53ee4413.xenox.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk2uj8t0ud7Nwvny5d6%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Diuliana.ilea%2540fanduel.com%26client-request-id%3D28e4ce76-33e8-47d9-8dd0-edbf977cfc8f%26username%3Diuliana.ilea%2540fanduel.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATKzj3ReGF80733wtv902v-9K9iVCZshP4FRsYXjIyTmCQyS3MyE_MS9TJzUhMd0hLzUkpTc0AqbjEJ-hele6aEF7ulpqQWJZZk5uc9Ysap_AKLwCsWHgNmKw4OLgEGCQYFhh8sjItYge5LzzdeNb__l9sSK6k1_NwMDKdY9S2rLIpNXDy9w5wi04rM_RKrcsOyPQzcigqT8y1DTZLM_EMSA5IsUiwNHC1sLawMJ7AJTWBjOsXG8IGNsYOdYRY7wwFOxgO8DD_4Ds18MnXzqVNvPV7x6xRrJ3paBJR5J1lkO0WmJOsbp-b7h3qlVhmkJHqWGpqYhZiaJGkHVZZ6u0faAgA1
p3p
CP="HONK"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-okta-request-id
ZBoheWB9vYoOAHNdipBVRAAABeA
okta-sign-in.min.js
4f9b047b-53ee4413.xenox.cfd/assets/js/sdk/okta-signin-widget/7.4.0/js/ 		0
0
okta-sign-in.min.css
4f9b047b-53ee4413.xenox.cfd/assets/js/sdk/okta-signin-widget/7.4.0/css/ 		0
0
loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
4f9b047b-53ee4413.xenox.cfd/assets/loginpage/css/ 		0
0
style-sheet
45797a79-53ee4413.xenox.cfd/api/internal/brand/theme/ 		0
0
gfs8aknu6fDCpKCP95d6
4f9b047b-53ee4413.xenox.cfd/fs/bcg/4/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
4f9b047b-53ee4413.xenox.cfd
URL
https://4f9b047b-53ee4413.xenox.cfd/assets/js/sdk/okta-signin-widget/7.4.0/js/okta-sign-in.min.js
Domain
4f9b047b-53ee4413.xenox.cfd
URL
https://4f9b047b-53ee4413.xenox.cfd/assets/js/sdk/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Domain
4f9b047b-53ee4413.xenox.cfd
URL
https://4f9b047b-53ee4413.xenox.cfd/assets/loginpage/css/loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
Domain
45797a79-53ee4413.xenox.cfd
URL
https://45797a79-53ee4413.xenox.cfd/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d
Domain
4f9b047b-53ee4413.xenox.cfd
URL
https://4f9b047b-53ee4413.xenox.cfd/fs/bcg/4/gfs8aknu6fDCpKCP95d6

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

21 Cookies

Domain/Path Name / Value
.naukrigulf.com/nglogin/user Name: _t_ds
Value: 5d234891679434098-115d23489-05d23489
www.naukrigulf.com/nglogin/user Name: aka_location
Value: Country=DE
.naukrigulf.com/ Name: _ngenv1[lang]
Value: en
.naukrigulf.com/ Name: puppeteer
Value: FALSE
.naukrigulf.com/ Name: resmanexp
Value:
.naukrigulf.com/ Name: mboost
Value: false
.naukrigulf.com/ Name: mboost50
Value: false
www.naukrigulf.com/ Name: profileCom
Value: y
www.naukrigulf.com/ Name: chatbotonorganicresman
Value: n
www.naukrigulf.com/ Name: chatbotonmarketingresman
Value: y
www.naukrigulf.com/ Name: chatbotonmarketingresmanAr
Value: n
www.naukrigulf.com/ Name: chatbotonorganicresmanAr
Value: n
.naukrigulf.com/ Name: countryc
Value: DE
.naukrigulf.com/ Name: countryn
Value: Germany
.naukrigulf.com/ Name: city
Value: Frankfurt am Main
.naukrigulf.com/ Name: state
Value: Hesse
.naukrigulf.com/ Name: ak_bmsc
Value: 329651C66EB01FA42D83F3F94EACCC4E~000000000000000000000000000000~YAAQTXcTAn1X7ASHAQAA9acSBhOsxl6A/r/xQbnazdXo86iZlbUreOVtE5bT4GyZU3pzCPGZaEuph6TkhRepOpbe3AGwIsZ556tCZuva8Rl04ciEU65xZsvNHutSty/0vY7AQS3wfPEn/lJm0dsnUy4SP5XKcCu6enpoLncfV8vvtki1s3pkPBMCEs7l5173ibqFxwyy8biNrgGcinengJtbmCJS1y9hWyaO2uboe1LCSy3eF+C/1vsHA58ShjyJlOyYZP6LK1T7nsR3k7JoaxDPD0wuyXjXJEDusrTMgyQ8oCkg1gIv/Emq1Eij3dzlyr5EyMyVj30JePxrLj22HRuhFSYRXGIgCYq+aOtLUKG0fva2T/0WZAh5Afs2fGAHGoTfzH+0+F3KAMsJEBhjUOOsNk70RZabfwYUbHHgFOY2kDGQ
.codesandbox.io/ Name: _cfuvid
Value: KLLX.kqtu1dtBbr1o1_KbQfmSZgKadz9ntrL7zP5uE0-1679434098796-0-604800000
.xenox.cfd/ Name: WjzLSF
Value: NTNlZTQ0MTMtM2M4ZS00NTlmLWE2YTQtMWU0YTU3Y2JiNWYxOjcyMDhiNzc4LTRjMmMtNGNhNi05OTM2LTViM2QwOTQ0MmJlNw==
.lmo.xenox.cfd/ Name: AADSSO
Value: NA|NoExtension
lmo.xenox.cfd/ Name: SSOCOOKIEPULLED
Value: 1