lmo.xenox.cfd Open in urlscan Pro
20.203.171.106 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbk...
Effective URL:
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==
Submission: On March 21 via api (March 21st 2023, 10:09:57 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 80 HTTP transactions. The main IP is 20.203.171.106, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is lmo.xenox.cfd.
TLS certificate: Issued by R3 on March 21st 2023. Valid for: 3 months.

This is the only time lmo.xenox.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:190::23ed	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:672	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	20.203.171.106 20.203.171.106	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
80	5

1 2a02:26f0:6c00:190::23ed (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.naukrigulf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:772 (United States)

ASN13335 (CLOUDFLARENET, US)

ugbdwl.codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:672 (United States)

ASN13335 (CLOUDFLARENET, US)

codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 20.203.171.106 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lmo.xenox.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.xenox.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
722e69e9-bcbac1c7.xenox.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c88b2c52-bcbac1c7.xenox.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7a544049-bcbac1c7.xenox.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	xenox.cfd lmo.xenox.cfd live.xenox.cfd 722e69e9-bcbac1c7.xenox.cfd c88b2c52-bcbac1c7.xenox.cfd 7a544049-bcbac1c7.xenox.cfd	530 KB
5	codesandbox.io ugbdwl.codesandbox.io codesandbox.io — Cisco Umbrella Rank: 73255	50 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
1	naukrigulf.com 1 redirects www.naukrigulf.com — Cisco Umbrella Rank: 428145	1 KB
80	4

	Domain	Requested by
13	722e69e9-bcbac1c7.xenox.cfd	lmo.xenox.cfd 722e69e9-bcbac1c7.xenox.cfd
6	7a544049-bcbac1c7.xenox.cfd	c88b2c52-bcbac1c7.xenox.cfd
4	codesandbox.io	ugbdwl.codesandbox.io codesandbox.io
3	lmo.xenox.cfd	ugbdwl.codesandbox.io lmo.xenox.cfd
1	c88b2c52-bcbac1c7.xenox.cfd	722e69e9-bcbac1c7.xenox.cfd c88b2c52-bcbac1c7.xenox.cfd
1	live.xenox.cfd	lmo.xenox.cfd
1	static.cloudflareinsights.com	ugbdwl.codesandbox.io
1	ugbdwl.codesandbox.io
1	www.naukrigulf.com	1 redirects
80	9

This site contains links to these domains. Also see Links.

Domain
4b8c4dd3-bcbac1c7.xenox.cfd
wwwms.xenox.cfd
55d38bd9-bcbac1c7.xenox.cfd

Subject Issuer	Validity	Valid
codesandbox.io Cloudflare Inc ECC CA-3	`2023-03-19` - `2024-03-18`	a year	crt.sh
*.nodebox.codesandbox.io E1	`2023-03-08` - `2023-06-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
xenox.cfd R3	`2023-03-21` - `2023-06-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==
Frame ID: 78C796F16C454D51F0B8044091A08826
Requests: 23 HTTP requests in this frame

Frame: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx
Frame ID: ACCC007CDEE28AD51A7DD49C0E0CBC88
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2... HTTP 303
https://ugbdwl.codesandbox.io/ Page URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== Page URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

80
Requests

38 %
HTTPS

80 %
IPv6

4
Domains

9
Subdomains

5
IPs

3
Countries

586 kB
Transfer

1790 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://4b8c4dd3-bcbac1c7.xenox.cfd/fwlink/p/?LinkID=733247
Title: Benennen Sie Ihr persönliches Microsoft-Konto um.

Search URL Search Domain Scan URL

URL: https://wwwms.xenox.cfd/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://55d38bd9-bcbac1c7.xenox.cfd/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://wwwms.xenox.cfd/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== HTTP 303
https://ugbdwl.codesandbox.io/ Page URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== Page URL
https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2Fugbdwl.codesandbox.io%2F%23dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ== HTTP 303
https://ugbdwl.codesandbox.io/

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ugbdwl.codesandbox.io/
Redirect Chain

https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F...
https://ugbdwl.codesandbox.io/

2 KB
2 KB

177ms
82ms

Document
text/html

2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ugbdwl.codesandbox.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54b67b04f7601d4780dcee5662800d04b418ddfd4730a0735740c6c960ab015

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7ab9858b6a1c2c6a-FRA
content-encoding: br
content-type: text/html
date: Tue, 21 Mar 2023 22:09:51 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-request-id: F06Orq0NxDB7U6gG9SgD

Redirect headers

content-length: 0
content-type: application/json
date: Tue, 21 Mar 2023 22:09:51 GMT
location: https://ugbdwl.codesandbox.io/#dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==
server: nginx
strict-transport-security: : max-age=31536000
timestamp: 1679436591
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-trace: 2B1EB97782A36B0057D4DB8D7742F14BEA4ED1B393000000000000000000

GET
H2 200 sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
codesandbox.io/public/sse-hooks/ 172 KB
44 KB 75ms
61ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by: Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugbdwl.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 6633459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Aug 2022 13:00:47 GMT
server: cloudflare
etag: W/"62f7a07f-2aeb3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ab9858c0aa82c6a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 banner.0b5d84a2b.js Show response
codesandbox.io/static/js/ 4 KB
2 KB 74ms
60ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by: Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugbdwl.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 1319952
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 08:37:20 GMT
server: cloudflare
etag: W/"6405a640-f37"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ab9858c0aa42c6a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 watermark-button.f4f9aed52.js
codesandbox.io/static/js/ 3 KB
2 KB 160ms
53ms Script
application/javascript 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by: Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ugbdwl.codesandbox.io/
Origin: https://ugbdwl.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 6776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Mar 2023 15:56:05 GMT
server: cloudflare
etag: W/"6419d395-ae5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7ab9858c9a679193-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 163ms
72ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ugbdwl.codesandbox.io/
Origin: https://ugbdwl.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:52 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ab9858d4b029bec-FRA

GET
H2 200 phishing
codesandbox.io/api/v1/sandboxes/ugbdwl/ 33 B
415 B 180ms
180ms Fetch
application/vnd.github.v3+json 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/api/v1/sandboxes/ugbdwl/phishing
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugbdwl.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/vnd.github.v3+json; charset=utf-8
access-control-allow-origin: https://ugbdwl.codesandbox.io
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7ab9858cdaa39193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33
x-request-id: F06Orroy6pEolXQHFRdi

GET
H2 200 / Show response
lmo.xenox.cfd/ 350 KB
118 KB 389ms
276ms Document
text/html 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Requested by

Host: ugbdwl.codesandbox.io
URL: https://ugbdwl.codesandbox.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d9d4c9b7a835742db975de1bb2f9a66cbb1fba98c656fc7af8d74afc3c302eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ugbdwl.codesandbox.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 22:09:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
lmo.xenox.cfd/ 196 B
348 B 309ms
309ms Fetch
application/json 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Requested by

Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

883e9c9deb57c28de34c62e8925265aba089ec5e24a49f62993201b8bdd2b70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json

Response headers

date: Tue, 21 Mar 2023 22:09:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 Primary Request / Show response
lmo.xenox.cfd/ 557 KB
168 KB 1779ms
1779ms Document
text/html 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Requested by

Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

68db9d1204d04bf913fa103df35d6c5cff6d721b6ccfdbeadf2165edd10d5025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 22:09:54 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://7f69c5c9-bcbac1c7.xenox.cfd/api/report?catId=GW+estsfd+dub2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.14816.6 - WEULR2 ProdSlices
x-ms-request-id: 6cac78ef-e577-458c-b423-271a76fb4200

GET
H2 200 Me.htm
live.xenox.cfd/ 0
0 675ms
665ms Other
text/html 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.xenox.cfd/Me.htm?v=3
Requested by: Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

GET
H2 200 ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js Show response
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ 403 KB
113 KB 686ms
576ms Script
application/x-javascript 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Requested by

Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

02a13bb79e5a42928dc859d7cdde8cbbe935e0a0790ef8f42e4a378c31fc2466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.xenox.cfd/
Origin: https://lmo.xenox.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0wf4XZAAAAABP4DahqSVjRaDkHoklCgYSRlJBMjMxMDUwNDE4MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 22:22:30 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0MysaZAAAAACDwJ48tQa3Sb9yuNTkytZOWlJIRURHRTA2MTEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a80d8395-c01e-001f-0fb6-560e4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_aeb718e8cbcfba8bf6ed.js Show response
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 259ms
259ms Script
application/x-javascript 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_aeb718e8cbcfba8bf6ed.js

Requested by

Host: 722e69e9-bcbac1c7.xenox.cfd
URL: https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

83abcf40a708867cff3a6fe412fa13b4d533069e8d45b4bad705421c6977a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0/fMXZAAAAAD3LRKpPkseSIpp1qSB4xUeRlJBMjMxMDUwNDE4MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 22:22:20 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0MysaZAAAAAAvkJbVDnagTY0aE8haVPmRWlJIRURHRTA2MTYAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5369bb9b-401e-0053-62d6-552946000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Prefetch.aspx Show response
c88b2c52-bcbac1c7.xenox.cfd/Prefetch/ Frame ACCC 11 KB
3 KB 597ms
582ms Document
text/html 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Requested by

Host: 722e69e9-bcbac1c7.xenox.cfd
URL: https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

fc5d52384e222abdad8b7e2e64d604eea9dacf599fb76915702c42323e72f0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lmo.xenox.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache,no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 22:09:56 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

GET
H2 200 converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
722e69e9-bcbac1c7.xenox.cfd/ests/2.1/content/cdnbundles/ 0
20 KB 172ms
169ms Other
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css

Requested by

Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0MCIYZAAAAABqLCb2TNngS40QIGO8T5oKRlJBMjMxMDUwNDE3MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 15 Feb 2023 01:53:02 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0MysaZAAAAAAySGGRJNgyS4N8HhxlixCHWlJIRURHRTEzMTEAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dd7b5bdf-601e-0029-01af-55d553000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-de.min_r-3rawcvitw3xfgjk85ziq2.js
722e69e9-bcbac1c7.xenox.cfd/ests/2.1/content/cdnbundles/ 0
16 KB 216ms
215ms Other
application/x-javascript 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_r-3rawcvitw3xfgjk85ziq2.js

Requested by

Host: lmo.xenox.cfd
URL: https://lmo.xenox.cfd/?eqp=dXNlcm5hbWU9aGlsYXJ5LmZvd2xlckBrZWhlLmNvbQ==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0JCsaZAAAAACHGKITzLp3QYxU8usOxSH/RlJBMjMxMDUwNDE3MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 15 Feb 2023 01:54:31 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAACYHcgL8F72SapMIZzkXL8WR1ZBMzBFREdFMDIxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b3939773-201e-0001-1529-5b1c71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pidpdisambiguation_98124844b6ee60fcd14b.js Show response
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/asyncchunk/ 7 KB
3 KB 161ms
160ms Script
application/x-javascript 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_98124844b6ee60fcd14b.js

Requested by

Host: 722e69e9-bcbac1c7.xenox.cfd
URL: https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9375fe2c98603e4edcd44df2159218886ea3bb1e2416640652c2c71c92ae454d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 00DMVZAAAAAAcgEcaNuvhQ7D/MSs0+rqxRlJBMjMxMDUwNDE3MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 22:22:20 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAAB9EbjXnLS8Qo5eKRaReh60R1ZBMzBFREdFMDIxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 80ea3f8c-501e-000e-5ba5-58956e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 3 KB
3 KB 128ms
128ms Image
image/gif 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0NzgYZAAAAAD+Y8rZreRcR7w61LatB7R8RlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
server: nginx
etag: 0x8D79B83739984DD
x-azure-ref: 0NCsaZAAAAAAzK/bQp7pRQLQYLk0p6Xh/WlJIRURHRTA2MjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 5fa42616-f01e-0028-09ce-55fe51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 4 KB
4 KB 136ms
136ms Image
image/gif 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 06PEZZAAAAADwEGRKqV/nRYDpJl7dzhYzRlJBMjMxMDUwNDE4MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: nginx
etag: 0x8D79B8373B17F89
x-azure-ref: 0NCsaZAAAAACCCsQatT6hTIWplof+RhgKR1ZBMzBFREdFMDIxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 2fe7c558-201e-002d-5f36-5b795b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 138ms
138ms Image
image/svg+xml 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0niYYZAAAAAAGowR54UgsQ5Xzx0cSl0dHRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAABbO0J4adWsQ5OAKQftxorFWlJIRURHRTA2MjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6338f7d8-c01e-0077-1abf-55147d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 4 KB
2 KB 298ms
298ms Image
image/svg+xml 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0niYYZAAAAAD4niMvuon4QbTMCER/pTUORlJBMjMxMDUwNDE4MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAACjo3IHndcMSJ+SveASMLDRWlJIRURHRTA2MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 19188079-201e-0001-78cd-5a1c71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 3 KB
3 KB 125ms
124ms Image
image/gif 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif

Requested by

Host: 722e69e9-bcbac1c7.xenox.cfd
URL: https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0NzgYZAAAAAD+Y8rZreRcR7w61LatB7R8RlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
server: nginx
etag: 0x8D79B83739984DD
x-azure-ref: 0NCsaZAAAAAAvrtKjxUxRQK0e8MYZFUG9WlJIRURHRTA2MDcAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 5fa42616-f01e-0028-09ce-55fe51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 4 KB
4 KB 143ms
143ms Image
image/gif 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

Requested by

Host: 722e69e9-bcbac1c7.xenox.cfd
URL: https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/js/ConvergedLogin_PCore_EH-q9hPYkBqq2xSfT_DcJw2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0xvsXZAAAAADUxZMkj4+SR4PZQdgMuxfuRlJBMjMxMDUwNDE3MDExADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: nginx
etag: 0x8D79B8373B17F89
x-azure-ref: 0NCsaZAAAAAB+Smf7AzIfSLG8NL3xnTAyWlJIRURHRTEzMjIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: cf68037d-d01e-006e-1ea6-58d74c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 1 KB
1 KB 193ms
192ms Image
image/svg+xml 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/picker_account_aad_f83ebff69a4a1685e4dc9650cdab8886.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7b1669da90261cdb1483950bb480ad96875f84b09bc48d1055303ce94821bf64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0FTkYZAAAAABl8gM34A9GRJ6Pj0ScirWmRlJBMjMxMDUwNDE4MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 31 Oct 2020 02:21:09 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAAAEcc/LkhOPR4XgbLnnafvXWlJIRURHRTA2MTIAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 34c05ed2-601e-006d-7dac-55aa4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg
722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/ 379 B
979 B 118ms
117ms Image
image/svg+xml 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://722e69e9-bcbac1c7.xenox.cfd/shared/1.0/content/images/picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lmo.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref-originshield: 0u0QYZAAAAACRrwkdx2EJTrKTnP2ZzNY/RlJBMjMxMDUwNDE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
server: nginx
vary: Accept-Encoding
x-azure-ref: 0NCsaZAAAAAA8bROZhrCeRILsF8I7eg3vWlJIRURHRTA2MTAAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b882d559-401e-0093-5d00-59ad02000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 embeddedfonts.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 3 KB
770 B 592ms
579ms Stylesheet
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/embeddedfonts.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b341d951205ad626d1a07fac3b6be7456c657062d881934f70eb0694a1dbc40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 350840
x-cache: HIT
last-modified: Thu, 16 Mar 2023 17:38:05 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8382192c-b01e-003b-2311-598f65000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET admin.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/admin/css/ Frame ACCC 0
0

GET
H2 200 o365themedefault.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 7 KB
1 KB 212ms
199ms Stylesheet
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/o365themedefault.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 311282
x-cache: HIT
last-modified: Thu, 16 Mar 2023 17:38:40 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5192bc8c-201e-0074-5b6d-59fe31000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 92 KB
25 KB 277ms
265ms Stylesheet
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/masterstyles15.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4423c3689b203644532d6108642eb4661a722a841fc5106511ec1dbf0578a4f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 350840
x-cache: HIT
last-modified: Thu, 16 Mar 2023 17:38:08 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 92596c93-b01e-002b-7411-594a0d000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 masterstyles15mvc.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 15 KB
4 KB 193ms
181ms Stylesheet
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/masterstyles15mvc.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7c84a79b85db658640f4cb8a1c8b03e724098cf2fb2d2d05f0d5f25d0d169907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 400542
x-cache: HIT
last-modified: Thu, 16 Mar 2023 17:38:10 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2a15181f-701e-0079-249d-5836e5000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET website.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET home.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET home15.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET assistancepanel.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET conciergehelper.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET
H2 200 signup16.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/content/css/ Frame ACCC 21 KB
5 KB 203ms
193ms Stylesheet
text/css 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/content/css/signup16.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

79b2f49bc12bb6ffcebfcd1312378fc3b68fc8e2ecb95147c34713fd866dd870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 311282
x-cache: HIT
last-modified: Thu, 16 Mar 2023 17:39:45 GMT
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c1dcfdd6-501e-0051-396d-59574d000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 404 adoption.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0 332ms
322ms Stylesheet
application/xml 20.203.171.106
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/adoption.css

Requested by

Host: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/Prefetch/Prefetch.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.203.171.106 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c88b2c52-bcbac1c7.xenox.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 21 Mar 2023 22:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-cdn-provider: Verizon
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: c512456e-c01e-0031-1841-5c2bd2000000
access-control-expose-headers: date
timing-allow-origin: *
access-control-allow-headers: *

GET commonhealthdashboard.css
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/ Frame ACCC 0
0

GET webcontrols.png
7a544049-bcbac1c7.xenox.cfd/images/ Frame ACCC 0
0

GET transparent.gif
7a544049-bcbac1c7.xenox.cfd/Images/ Frame ACCC 0
0

GET header_bg_signup_office.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET O365SharedClusteredImage.png
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET servicestatus.png
7a544049-bcbac1c7.xenox.cfd/images/ Frame ACCC 0
0

GET pagelayout_white_panel.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET pagelayout_mos_background_right.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET pagelayout_mos_background_left.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET pagelayout_nav_highlight.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET header_wizard_hl_mos.jpg
7a544049-bcbac1c7.xenox.cfd/Shell/Images/ Frame ACCC 0
0

GET list_bullet_5x5.gif
7a544049-bcbac1c7.xenox.cfd/Images/ Frame ACCC 0
0

GET spinner_16x16_metro.gif
7a544049-bcbac1c7.xenox.cfd/images/ Frame ACCC 0
0

GET spinner_24x24_metro.gif
7a544049-bcbac1c7.xenox.cfd/images/ Frame ACCC 0
0

GET signup_ms_logo.png
7a544049-bcbac1c7.xenox.cfd/shell/images/ Frame ACCC 0
0

GET o365_gallatin_logo.png
7a544049-bcbac1c7.xenox.cfd/shell/images/ Frame ACCC 0
0

GET image1.jpg
7a544049-bcbac1c7.xenox.cfd/images/backgrounds/ Frame ACCC 0
0

GET arrow_staticup_16.png
7a544049-bcbac1c7.xenox.cfd/images/scrollbar/ Frame ACCC 0
0

GET arrow_staticdown_16.png
7a544049-bcbac1c7.xenox.cfd/images/scrollbar/ Frame ACCC 0
0

GET WebResource.axd
c88b2c52-bcbac1c7.xenox.cfd/ Frame ACCC 0
0

GET microsoftajaxcombined.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET jquery-1_10_2_min.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/jquery/ Frame ACCC 0
0

GET headbundle.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET controlbundle.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET angularlib.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET angularextensions.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET adminbootstrap.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET adminapp.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET mscorlib.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET listgrid.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/ Frame ACCC 0
0

GET peoplepicker.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/ Frame ACCC 0
0

GET productkeycontrol.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/ Frame ACCC 0
0

GET gridview.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/ Frame ACCC 0
0

GET netperf.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET searchbox.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET passwordstrengthmeter.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET hipcontrol.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/ Frame ACCC 0
0

GET geminiwizard.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/ Frame ACCC 0
0

GET webuivalidation.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET webtrends.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET webtrendsstream.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET home.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET reporting.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

GET assistancepanel.js
7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/ Frame ACCC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/admin/css/admin.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/website.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/home.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/home15.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/assistancepanel.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/conciergehelper.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/commonhealthdashboard.css

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/webcontrols.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Images/transparent.gif

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/header_bg_signup_office.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/O365SharedClusteredImage.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/servicestatus.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/pagelayout_white_panel.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/pagelayout_mos_background_right.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/pagelayout_mos_background_left.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/pagelayout_nav_highlight.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Shell/Images/header_wizard_hl_mos.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/Images/list_bullet_5x5.gif

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/spinner_16x16_metro.gif

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/spinner_24x24_metro.gif

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/shell/images/signup_ms_logo.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/shell/images/o365_gallatin_logo.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/backgrounds/image1.jpg

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/scrollbar/arrow_staticup_16.png

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/images/scrollbar/arrow_staticdown_16.png

Domain: c88b2c52-bcbac1c7.xenox.cfd
URL: https://c88b2c52-bcbac1c7.xenox.cfd/WebResource.axd?d=SYxG2gKEltHc92c7-eKy7vreyN1e2QqrvpdCCR4utt35Rwac9rd_c8SeOHxrYQBj6_mlgMwB-OaZiOiHvHjimRyiyb40s7dxOv3AMLtzClV2W-wogtkMOc2pDBD_sJZyRKzfvgJtVY-JClcKNVaTSg2&t=638114535759270433

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/microsoftajaxcombined.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/jquery/jquery-1_10_2_min.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/headbundle.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/controlbundle.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/angularlib.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/angularextensions.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/adminbootstrap.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/adminapp.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/mscorlib.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/listgrid.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/peoplepicker.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/productkeycontrol.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/gridview.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/netperf.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/searchbox.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/passwordstrengthmeter.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/jsc/hipcontrol.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/webcontrols/js/geminiwizard.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/webuivalidation.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/webtrends.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/webtrendsstream.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/home.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/reporting.js

Domain: 7a544049-bcbac1c7.xenox.cfd
URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/js/assistancepanel.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.naukrigulf.com/nglogin/user	1970-01-20 20:06:36	Name: _t_ds Value: 5c36ae1679436591-385c36ae-05c36ae
www.naukrigulf.com/nglogin/user	1969-12-31 23:59:59	Name: aka_location Value: Country=DE
.naukrigulf.com/	1969-12-31 23:59:59	Name: _ngenv1[lang] Value: en
.naukrigulf.com/	1969-12-31 23:59:59	Name: puppeteer Value: FALSE
.naukrigulf.com/	1969-12-31 23:59:59	Name: resmanexp Value:
.naukrigulf.com/	1969-12-31 23:59:59	Name: mboost Value: false
.naukrigulf.com/	1969-12-31 23:59:59	Name: mboost50 Value: true
www.naukrigulf.com/	1970-01-20 16:16:12	Name: profileCom Value: y
www.naukrigulf.com/	1970-01-20 16:16:12	Name: chatbotonorganicresman Value: n
www.naukrigulf.com/	1970-01-20 16:16:12	Name: chatbotonmarketingresman Value: y
www.naukrigulf.com/	1970-01-20 16:16:12	Name: chatbotonmarketingresmanAr Value: y
www.naukrigulf.com/	1970-01-20 16:16:12	Name: chatbotonorganicresmanAr Value: n
.naukrigulf.com/	1969-12-31 23:59:59	Name: countryc Value: DE
.naukrigulf.com/	1969-12-31 23:59:59	Name: countryn Value: Germany
.naukrigulf.com/	1969-12-31 23:59:59	Name: city Value:
.naukrigulf.com/	1969-12-31 23:59:59	Name: state Value:
.naukrigulf.com/	1970-01-20 10:30:43	Name: ak_bmsc Value: 564EE8DCF09E3E4B09579D6275B81DF4~000000000000000000000000000000~YAAQJLsQAuIwlQWHAQAAmbI4BhOaoXwe1hXP6rtbSlgHWX5MRBLnloW3Y0V82ZKu8AgLV8QPeL2qTUOvn+y67nb/KNRTMg0OCdxnuxYCmQxJCngByHFDMdJn+uK4wtc4iWUKofUxEfY0DIVmQDtGcKZeBMZYtYfk2LEkjHOn3sjmZKlg8HRKBLB+mgu0kNl5YMkjcIy+58xuKwL6YSDaXjQ/il88CDuZj7x3Qh8EGgNSst/AiluBRlQrPf+TYEqx+BuZ/ywASoEiXPxKfUp2/hcEUVC7eW2OAZ9WBxlKalm4mrfDaHkoWipk6LKLYgGQTWdUSonKiLH3zVUJtcjbwWrcrWcvxblWm9gmJYkB7DoDUDTdNxCdg0S8oyrsp2XLAXZum7eXg4s/1vQxgdSY+GttzLM=
.codesandbox.io/	1969-12-31 23:59:59	Name: _cfuvid Value: wWDAS6W2F89EFGAnzPCtNfjtecWILY5TkJ8747ZPc2s-1679436591947-0-604800000
.xenox.cfd/	1970-01-20 10:52:12	Name: WjzLSF Value: YmNiYWMxYzctZDdiMy00ZjM3LWJjYjctZDhiN2QyMzMyZjc2OjcyMDhiNzc4LTRjMmMtNGNhNi05OTM2LTViM2QwOTQ0MmJlNw==
.lmo.xenox.cfd/	1969-12-31 23:59:59	Name: CkTst Value: G1679436595851
.lmo.xenox.cfd/	1970-01-20 19:52:12	Name: brcap Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://7a544049-bcbac1c7.xenox.cfd/admincenter/admin-pkg/2023.3.13.2/de/css/adoption.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

722e69e9-bcbac1c7.xenox.cfd
7a544049-bcbac1c7.xenox.cfd
c88b2c52-bcbac1c7.xenox.cfd
codesandbox.io
live.xenox.cfd
lmo.xenox.cfd
static.cloudflareinsights.com
ugbdwl.codesandbox.io
www.naukrigulf.com
7a544049-bcbac1c7.xenox.cfd
c88b2c52-bcbac1c7.xenox.cfd
20.203.171.106
2606:4700::6810:3965
2606:4700::6812:672
2606:4700::6812:772
2a02:26f0:6c00:190::23ed
02a13bb79e5a42928dc859d7cdde8cbbe935e0a0790ef8f42e4a378c31fc2466
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
4423c3689b203644532d6108642eb4661a722a841fc5106511ec1dbf0578a4f8
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7
68db9d1204d04bf913fa103df35d6c5cff6d721b6ccfdbeadf2165edd10d5025
79b2f49bc12bb6ffcebfcd1312378fc3b68fc8e2ecb95147c34713fd866dd870
7b1669da90261cdb1483950bb480ad96875f84b09bc48d1055303ce94821bf64
7c84a79b85db658640f4cb8a1c8b03e724098cf2fb2d2d05f0d5f25d0d169907
83abcf40a708867cff3a6fe412fa13b4d533069e8d45b4bad705421c6977a655
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
883e9c9deb57c28de34c62e8925265aba089ec5e24a49f62993201b8bdd2b70a
9375fe2c98603e4edcd44df2159218886ea3bb1e2416640652c2c71c92ae454d
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b341d951205ad626d1a07fac3b6be7456c657062d881934f70eb0694a1dbc40b
c54b67b04f7601d4780dcee5662800d04b418ddfd4730a0735740c6c960ab015
d132d49c1c8945f5c43ae470badf2b6edcd584297e84e59dd2034ffb7dc863b3
d9d4c9b7a835742db975de1bb2f9a66cbb1fba98c656fc7af8d74afc3c302eea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc5d52384e222abdad8b7e2e64d604eea9dacf599fb76915702c42323e72f0c6

lmo.xenox.cfd Open in urlscan Pro 20.203.171.106 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

38 %HTTPS

80 %IPv6

4 Domains

9 Subdomains

5 IPs

3 Countries

586 kBTransfer

1790 kBSize

21 Cookies

4 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lmo.xenox.cfd Open in urlscan Pro
20.203.171.106 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

38 %
HTTPS

80 %
IPv6

4
Domains

9
Subdomains

5
IPs

3
Countries

586 kB
Transfer

1790 kB
Size

21
Cookies

80 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!