urlscan.io logo urlscan.io
SecurityTrails logo

lmo.xenox.cfd Open in urlscan Pro
20.203.171.106  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbk...
Effective URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 20.203.171.106, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is lmo.xenox.cfd.
TLS certificate: Issued by R3 on March 21st 2023. Valid for: 3 months.
This is the only time lmo.xenox.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 20.203.171.106 8075 (MICROSOFT...)
19 4
1    2a02:26f0:6c00:18b::23ed (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.naukrigulf.com
5    2606:4700::6812:672 (United States)

ASN13335 (CLOUDFLARENET, US)
ugbdwl.codesandbox.io
codesandbox.io
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
9    20.203.171.106 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lmo.xenox.cfd
live.xenox.cfd
9107b80c-714e8310.xenox.cfd
Apex Domain
Subdomains		 Transfer
9 xenox.cfd
lmo.xenox.cfd
live.xenox.cfd
9107b80c-714e8310.xenox.cfd
53ba13a8-714e8310.xenox.cfd Failed
638 KB
5 codesandbox.io
ugbdwl.codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 73255
50 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 886
6 KB
1 naukrigulf.com
www.naukrigulf.com — Cisco Umbrella Rank: 428145
1 KB
19 4
Domain Requested by
4 9107b80c-714e8310.xenox.cfd lmo.xenox.cfd
9107b80c-714e8310.xenox.cfd
4 lmo.xenox.cfd ugbdwl.codesandbox.io
lmo.xenox.cfd
4 codesandbox.io ugbdwl.codesandbox.io
codesandbox.io
1 live.xenox.cfd lmo.xenox.cfd
1 static.cloudflareinsights.com ugbdwl.codesandbox.io
1 ugbdwl.codesandbox.io
1 www.naukrigulf.com 1 redirects
0 53ba13a8-714e8310.xenox.cfd Failed 9107b80c-714e8310.xenox.cfd
19 8

This site contains no links.

Subject Issuer Validity Valid
codesandbox.io
Cloudflare Inc ECC CA-3		 2023-03-19 -
2024-03-18		 a year crt.sh
*.nodebox.codesandbox.io
E1		 2023-03-08 -
2023-06-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
xenox.cfd
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Frame ID: 615144D50DD7969253FE813C34DE4B8D
Requests: 18 HTTP requests in this frame

Frame: https://53ba13a8-714e8310.xenox.cfd/Prefetch/Prefetch.aspx
Frame ID: 9703B4FBC6D7C47019AA8F6056B91510
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2... HTTP 303
    https://ugbdwl.codesandbox.io/ Page URL
  2. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= Page URL
  3. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= Page URL
  4. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

19
Requests

79 %
HTTPS

75 %
IPv6

4
Domains

8
Subdomains

4
IPs

3
Countries

694 kB
Transfer

2122 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= HTTP 303
    https://ugbdwl.codesandbox.io/ Page URL
  2. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= Page URL
  3. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= Page URL
  4. https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20= HTTP 303
  • https://ugbdwl.codesandbox.io/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ugbdwl.codesandbox.io/
Redirect Chain
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F...
  • https://ugbdwl.codesandbox.io/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94a2ce50a78b8b5c3b98895e2ca2a11f93d3ca8a05585b85157846a382ab64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7ab948aaecb291d7-FRA
content-encoding
br
content-type
text/html
date
Tue, 21 Mar 2023 21:28:18 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-request-id
F06Mahuj0ffTbp0GpBbj

Redirect headers

content-length
0
content-type
application/json
date
Tue, 21 Mar 2023 21:28:18 GMT
location
https://ugbdwl.codesandbox.io/#dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
server
nginx
strict-transport-security
: max-age=31536000
timestamp
1679434098
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-trace
2B5BEB213FF51C8E36968434EEF4A2AC0CD3A27DF4000000000000000000
sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
codesandbox.io/public/sse-hooks/ 		172 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
19036322
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 13:00:47 GMT
server
cloudflare
etag
W/"62f7a07f-2aeb3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948ab9d4291d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner.0b5d84a2b.js
codesandbox.io/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1317536
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Mar 2023 08:37:20 GMT
server
cloudflare
etag
W/"6405a640-f37"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948ab9d4391d7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
watermark-button.f4f9aed52.js
codesandbox.io/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ugbdwl.codesandbox.io/
Origin
https://ugbdwl.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
5183
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Mar 2023 15:56:05 GMT
server
cloudflare
etag
W/"6419d395-ae5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ab948ac1a043809-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ugbdwl.codesandbox.io/
Origin
https://ugbdwl.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7ab948acb8b4377b-FRA
phishing
codesandbox.io/api/v1/sandboxes/ugbdwl/ 		33 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/api/v1/sandboxes/ugbdwl/phishing
Requested by
Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ugbdwl.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 21:28:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/vnd.github.v3+json; charset=utf-8
access-control-allow-origin
https://ugbdwl.codesandbox.io
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ab948ac3a233809-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33
x-request-id
F06MaifKIXkp674GGJ3k
/
lmo.xenox.cfd/ 		350 KB
118 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Requested by
Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e6b5af3702f1e9d536f74823ab06320609fdcdf5a9aeac0dd453dcc4e387df83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ugbdwl.codesandbox.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:18 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
lmo.xenox.cfd/ 		196 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2ff9486c65b4d3a8a2ba5e7ede408831de4c4c04cfdeea19e92c137a97510185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Mar 2023 21:28:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
/
lmo.xenox.cfd/ 		508 KB
172 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2cd2414294b67523220f14c818c68aa1da33daa1421949ea51dd80ea0535511d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:20 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://caed3d2e-714e8310.xenox.cfd/api/report?catId=GW+estsfd+dub1"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.14939.4 - NEULR1 ProdSlices
x-ms-request-id
296e583f-4040-484f-8c8d-f78c57a72100
Primary Request /
lmo.xenox.cfd/ 		556 KB
168 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b2560e3eb3b5e385a28a447c74a49d732ff6fd2c4fd985ca013108ac3bf776ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 21:28:22 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://caed3d2e-714e8310.xenox.cfd/api/report?catId=GW+estsfd+dub1"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.14816.6 - NEULR1 ProdSlices
x-ms-request-id
d519f692-19e9-4d0c-ad6b-568225a80100
Me.htm
live.xenox.cfd/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://live.xenox.cfd/Me.htm?v=3
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lmo.xenox.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js
9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/ 		403 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
4be4c2467f190fdafdb3d9351ecfb31c1714c833476cae5f1e18d1fdbc069ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.xenox.cfd/
Origin
https://lmo.xenox.cfd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 21:28:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref-originshield
0Kq4ZZAAAAADpfTOhkLrZSqblkBhaWgB9RlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Tue, 14 Feb 2023 22:22:30 GMT
server
nginx
vary
Accept-Encoding
x-azure-ref
0dyEaZAAAAACQ6mLc9UTWTYleqIFqa2qcR1ZBMzBFREdFMDIxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
61c146ed-a01e-005d-364a-5b8b5b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_aeb718e8cbcfba8bf6ed.js
9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_aeb718e8cbcfba8bf6ed.js
Requested by
Host: 9107b80c-714e8310.xenox.cfd
URL: https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d05bd97198c5f1bb7f03e563271f381274a253cc2fdf500c3b60853d50f5329d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lmo.xenox.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 21:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref-originshield
0/fMXZAAAAAD3LRKpPkseSIpp1qSB4xUeRlJBMjMxMDUwNDE4MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Tue, 14 Feb 2023 22:22:20 GMT
server
nginx
vary
Accept-Encoding
x-azure-ref
0dyEaZAAAAABqTh0C9tkETK5E7aL/ctWpWlJIRURHRTEzMjEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5369bb9b-401e-0053-62d6-552946000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Prefetch.aspx
53ba13a8-714e8310.xenox.cfd/Prefetch/ Frame 9703 		0
0
converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
9107b80c-714e8310.xenox.cfd/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://9107b80c-714e8310.xenox.cfd/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lmo.xenox.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 21:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref-originshield
0MCIYZAAAAABqLCb2TNngS40QIGO8T5oKRlJBMjMxMDUwNDE3MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 15 Feb 2023 01:53:02 GMT
server
nginx
vary
Accept-Encoding
x-azure-ref
0dyEaZAAAAABfRHVajtkTQrHZ7CpF9JMOWlJIRURHRTA2MTMAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
dd7b5bdf-601e-0029-01af-55d553000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_r-3rawcvitw3xfgjk85ziq2.js
9107b80c-714e8310.xenox.cfd/ests/2.1/content/cdnbundles/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://9107b80c-714e8310.xenox.cfd/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_r-3rawcvitw3xfgjk85ziq2.js
Requested by
Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9cm9iZXJ0Lmh1bGxAZmFuZHVlbC5jb20=&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lmo.xenox.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 21:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref-originshield
00CP/YwAAAADYNjdxMSijS4/sn3TGcTcTRlJBMjMxMDUwNDE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 15 Feb 2023 01:54:31 GMT
server
nginx
vary
Accept-Encoding
x-azure-ref
0eCEaZAAAAACMAzlwKJVOS5NqFSLSedwjR1ZBMzBFREdFMDIxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7c9c57de-a01e-004d-60e0-4a3b79000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pidpdisambiguation_98124844b6ee60fcd14b.js
9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/asyncchunk/ 		0
0
marching_ants_white_166de53471265253ab3a456defe6da23.gif
9107b80c-714e8310.xenox.cfd/shared/1.0/content/images/ 		0
0
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
9107b80c-714e8310.xenox.cfd/shared/1.0/content/images/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
53ba13a8-714e8310.xenox.cfd
URL
https://53ba13a8-714e8310.xenox.cfd/Prefetch/Prefetch.aspx
Domain
9107b80c-714e8310.xenox.cfd
URL
https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_98124844b6ee60fcd14b.js
Domain
9107b80c-714e8310.xenox.cfd
URL
https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Domain
9107b80c-714e8310.xenox.cfd
URL
https://9107b80c-714e8310.xenox.cfd/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

21 Cookies

Domain/Path Name / Value
.naukrigulf.com/nglogin/user Name: _t_ds
Value: 7d4eb01679434098-387d4eb0-07d4eb0
www.naukrigulf.com/nglogin/user Name: aka_location
Value: Country=DE
.naukrigulf.com/ Name: _ngenv1[lang]
Value: en
.naukrigulf.com/ Name: puppeteer
Value: FALSE
.naukrigulf.com/ Name: resmanexp
Value:
.naukrigulf.com/ Name: mboost
Value: false
.naukrigulf.com/ Name: mboost50
Value: true
www.naukrigulf.com/ Name: profileCom
Value: y
www.naukrigulf.com/ Name: chatbotonorganicresman
Value: n
www.naukrigulf.com/ Name: chatbotonmarketingresman
Value: y
www.naukrigulf.com/ Name: chatbotonmarketingresmanAr
Value: y
www.naukrigulf.com/ Name: chatbotonorganicresmanAr
Value: n
.naukrigulf.com/ Name: countryc
Value: DE
.naukrigulf.com/ Name: countryn
Value: Germany
.naukrigulf.com/ Name: city
Value:
.naukrigulf.com/ Name: state
Value:
.naukrigulf.com/ Name: ak_bmsc
Value: F6DA3C29C01CEA5724924EDAF5CADEAB~000000000000000000000000000000~YAAQF7sQAoMWjAWHAQAAUaYSBhNXuCNCibzq9YaJ8EFt+3iq7o7Qfyha5pjMbrjNsH/tUmtH0lswsITmBia03R2NgqAxYHKCOnGs+Y0nB6cdV1vJoX76k+VacSzCQVAEbsJzzHj4ghoX5EgyGnmyyCb1SKk7K1O+zYhus2Fywm8qz1HN2dvCSBEfAPenVN5PqtdOB1eVdqnDVuZDraUSn+lJOwqm4iS9iXVogpS/n7IDMwMA7uZ6dxBeQUAKiqgcYhMFCupY2zR0nx6uebP6G8YD2pbcXNcsM75TWxUDAusAbZFag6y0NBB0R8TD0r7sBTDengw+XPGbjvfJ/xXv1BtCaAV5rtxV56TgO+cfmeQa3I9uYgkarf8IRqwYtyz2QO45QJe7j+c7I6HjZGrjD9ylgg==
.codesandbox.io/ Name: _cfuvid
Value: G4pGq3lJ_tCrFVHysKngU5XWYyS3WJG5Y_Is9JdZTuo-1679434098426-0-604800000
.xenox.cfd/ Name: WjzLSF
Value: NzE0ZTgzMTAtY2Q0My00ZWRkLTk3YTgtYzQ3OWRiNmMzM2YzOjcyMDhiNzc4LTRjMmMtNGNhNi05OTM2LTViM2QwOTQ0MmJlNw==
.lmo.xenox.cfd/ Name: AADSSO
Value: NA|NoExtension
lmo.xenox.cfd/ Name: SSOCOOKIEPULLED
Value: 1